History: Sep 13, 2022 - 7:14 p.m.

CVE-2022-20385

2022-09-13 19:14:22
google_android
www.cve.org
5
vulnerability
nla_parse function
android soc
unchecked parameter length
out-of-bounds access

AI Score

9.3

Confidence

High

EPSS

0.001

Percentile

44.2%

A function called 'nla_parse' does not check the length of the parameter. It checks nla_type (which can be controlled by userspace) against 'maxtype' (in this case, GSCAN_MAX), then accesses the policy array 'policy[type]', where the OOB access happens.

Product: Android
Versions: Android SoC
Android ID: A-238379819

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android SoC"
      }
    ]
  }
]
