{"id":"PUB-A-190435883", "published":"2021-12-01T00:00:00Z", "modified":"2026-04-29T15:10:00.007170452Z", "aliases":["CVE-2021-1001", "A-190435883"], "details":"In PVInitVideoEncoder of mp4enc_api.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/av", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2021-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a"], "severity":"Moderate", "spl":"2021-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"331766920222833858923471291138145887051", "length":20344}, "id":"PUB-A-190435883-6d24091e", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a", "target":{"file":"media/codecs/m4v_h263/enc/src/mp4enc_api.cpp", "function":"PVInitVideoEncoder"}}, {"deprecated":false, "digest":{"line_hashes":["206437095254952264279870610859463231236", "335763517536493788842454289933025066803", "315427360418934668995122938100707492940", "277662384132488287615611224431094309394", "161466992054306866615721603485132579586", "18605767560981244841544534635281281311", "288045843137782979265232455174873634161", "213438922595083060206583817694471793034", "21647049488474645469943973489962736788", "278275374606181650662406174154067542970", "244548571901860716783198757529286500556", "177514349601426941332198306653110568412", "322071612031000966792118222920463745902", "266949744181163504133091299737103916053"], "threshold":0.9}, "id":"PUB-A-190435883-d41a9e38", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a", "target":{"file":"media/codecs/m4v_h263/enc/src/mp4enc_api.cpp"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/av/+/c52ab47449d3c6bf2af3668c2c753d0a33404a9a"}]}