{"id":"ASB-A-216481035","details":"In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-216481035","CVE-2022-20008"],"modified":"2026-03-11T06:19:01.050813Z","published":"2022-05-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-05-01"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90"},{"type":"FIX","url":"https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5"}],"affected":[{"package":{"name":":linux_kernel:","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":":0"},{"fixed":":2022-05-05"}]}],"versions":["Kernel"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb","https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90","https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5"],"vanir_signatures":[{"digest":{"function_hash":"290459416158443490269445564131014734238","length":978},"source":"https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5","signature_version":"v1","id":"ASB-A-216481035-0d8a59c6","signature_type":"Function","target":{"function":"mmc_blk_read_single","file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false},{"digest":{"function_hash":"290459416158443490269445564131014734238","length":978},"source":"https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90","signature_version":"v1","id":"ASB-A-216481035-3203c8b1","signature_type":"Function","target":{"function":"mmc_blk_read_single","file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["2907444189528137582598791217727045976","80646727252109438267268950575052761574","214455761909637698135983059591719148404","314224666913841343005414661948040423198","301079217581052051189090274480861617100","333000515435920061536231456913963985304","130151144031969264003597906697477326274","248909641728583318544137915805454314577","41714600779776968329513128334675758975","145170706701966385612643393627647051505","269644774211126604351262929141648861431","200409849303713783695564726255665398656","254740679565737498548231481744941635265","95260411534038648523560557426888444784","149451371566647158598358333914912173079","246028754277326850540093589276958046608","123655838134129163841804075222723179401","336965310461298005801655302288838830825","91701752304520966890165163965022529758","184328425099164550879843336430941754535","14189298840319197261086693072886128807"]},"source":"https://android.googlesource.com/kernel/common/+/8f66dc1a78a743ea3c3f039500d2aa0cddd776d5","signature_version":"v1","id":"ASB-A-216481035-8719bca4","signature_type":"Line","target":{"file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["2907444189528137582598791217727045976","80646727252109438267268950575052761574","214455761909637698135983059591719148404","314224666913841343005414661948040423198","301079217581052051189090274480861617100","333000515435920061536231456913963985304","130151144031969264003597906697477326274","248909641728583318544137915805454314577","41714600779776968329513128334675758975","145170706701966385612643393627647051505","82779074392281770542715410463218417675","321248953353821862450469011039827550385","324843245304616300959363174425865350731","151898391135442215427971803908467078645","149451371566647158598358333914912173079","246028754277326850540093589276958046608","123655838134129163841804075222723179401","336965310461298005801655302288838830825","91701752304520966890165163965022529758","184328425099164550879843336430941754535","14189298840319197261086693072886128807"]},"source":"https://android.googlesource.com/kernel/common/+/8a3679a75730c1babde6bf63e35d227f3305bd90","signature_version":"v1","id":"ASB-A-216481035-91b2ef5b","signature_type":"Line","target":{"file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false},{"digest":{"function_hash":"290459416158443490269445564131014734238","length":978},"source":"https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb","signature_version":"v1","id":"ASB-A-216481035-d11d0f38","signature_type":"Function","target":{"function":"mmc_blk_read_single","file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false},{"digest":{"threshold":0.9,"line_hashes":["2907444189528137582598791217727045976","80646727252109438267268950575052761574","214455761909637698135983059591719148404","314224666913841343005414661948040423198","301079217581052051189090274480861617100","333000515435920061536231456913963985304","130151144031969264003597906697477326274","248909641728583318544137915805454314577","41714600779776968329513128334675758975","145170706701966385612643393627647051505","82779074392281770542715410463218417675","321248953353821862450469011039827550385","324843245304616300959363174425865350731","151898391135442215427971803908467078645","149451371566647158598358333914912173079","246028754277326850540093589276958046608","123655838134129163841804075222723179401","336965310461298005801655302288838830825","91701752304520966890165163965022529758","184328425099164550879843336430941754535","14189298840319197261086693072886128807"]},"source":"https://android.googlesource.com/kernel/common/+/2aea7dc18f4249dc53e53598db50b59c26a60aeb","signature_version":"v1","id":"ASB-A-216481035-ee7289ad","signature_type":"Line","target":{"file":"drivers/mmc/core/block.c","truncated_path_level":1},"deprecated":false}],"types":["ID"],"spl":"2022-05-05","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv-test/ASB-A-216481035.json"}}],"schema_version":"1.7.5"}