CVE-2022-20385 — Vulnetix

CVE-2022-20385 PUBLISHED CVSS 9.800000190734863 CRITICAL

a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819

EPSS 0.15% · 35.4th percentile

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.15%

35.4th percentile

Affected Products

Vendor	Product	Versions
n/a	Android	*
google	android

Exploit Intelligence

https://source.android.com/security/bulletin/2022-09-01 (circl)

Timeline

Sep 7, 2022 CVE Published
Sep 14, 2022 EPSS Score
Oct 29, 2022 EPSS Score
Dec 13, 2022 EPSS Score
Jan 27, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 13, 2023 EPSS Score
Apr 27, 2023 EPSS Score
Jun 11, 2023 EPSS Score
Jul 26, 2023 EPSS Score
Sep 9, 2023 EPSS Score
Oct 24, 2023 EPSS Score

References

https://source.android.com/docs/security/bulletin/2022-09-01 advisory
https://source.android.com/docs/security/bulletin/pixel/2022-09-01 advisory
https://source.android.com/security/bulletin/2022-09-01 url
https://nvd.nist.gov/vuln/detail/CVE-2022-20385 advisory

Open in Interactive Console →