{"id":"PUB-A-248085351", "published":"2023-03-01T00:00:00Z", "modified":"2026-07-08T15:24:28.874761715Z", "aliases":["CVE-2023-21032", "A-248085351"], "details":"In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/libufdt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-03-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/libufdt/+/b70383d8af4586a5fa8b16b54c43454bf155c215"], "severity":"Moderate", "spl":"2023-03-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["185996014945940549936661149226636308853", "33760819164134696779677180225239044425", "8661123515658004340251122499297930676", "127870674633992435070714280942576474328", "62113322542557763581533776596464778371", "172310728119040866969902223522134157238", "135259040793266689830984966664586614446"], "threshold":0.9}, "id":"PUB-A-248085351-6ce58280", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libufdt/+/b70383d8af4586a5fa8b16b54c43454bf155c215", "target":{"file":"ufdt_convert.c"}}, {"deprecated":false, "digest":{"function_hash":"124461904035609904842238398409321041694", "length":436}, "id":"PUB-A-248085351-96388e20", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/libufdt/+/b70383d8af4586a5fa8b16b54c43454bf155c215", "target":{"file":"ufdt_convert.c", "function":"ufdt_from_fdt"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-03-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/libufdt/+/14f8b87308455fce6ab72cf86adccb335a28abeb"}]}