{"id":"ASB-A-262892300", "published":"2023-04-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-21084", "A-262892300"], "details":"In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/build/soong", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-04-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/build/soong/+/f3d1e8c24cba69b93d9fdd2f01d770927988eeb1"], "severity":"High", "spl":"2023-04-01", "types":["EoP"]}}, {"package":{"name":"platform/packages/modules/Virtualization", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-04-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Virtualization/+/94d7faa228c828abbbfda212f2e4abfa27d00b25"], "severity":"High", "spl":"2023-04-01", "types":["EoP"]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-04-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/build/soong/+/48d9ec056458a4bff78a9c572bc9c185dc037ccc"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/modules/Virtualization/+/31782435ddf9c3641bf7c78cc64075dd95eede87"}]}