fmq_fuzzer: Unsigned-integer-overflow in android::MessageQueueBase<android::hardware::MQDescriptor, int,

2024-06-0100:00:00

Google

osv.dev

android

messagequeuebase

integer overflow

bounds check

local escalation of privilege

no user interaction

out of bounds write

7 High

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

In availableToWriteBytes of MessageQueueBase.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
platform/system/libfmqeq13
platform/system/libfmqeq14
platform/system/libfmqeq12L
platform/system/libfmqeq12

Name	Operator	Version
platform/system/libfmq	eq	13
platform/system/libfmq	eq	14
platform/system/libfmq	eq	12L
platform/system/libfmq	eq	12

References

android.googlesource.com/platform/system/libfmq/+/79bbf4aeef4b254c52da670a972e22956c8c659d

source.android.com/security/bulletin/2024-06-01