Fix CVE-2024-23709 #25

Merged
merged 1 commit into from
Oct 5, 2024
@rsp4jack rsp4jack commented Oct 1, 2024

https://nvd.nist.gov/vuln/detail/CVE-2024-23709
https://android.googlesource.com/platform/external/sonivox/+/f9d489385ecb04bbfe06f92d6fb03a69d2734fad

cherry-picked from f9d4893

fix buffer overrun in eas_wtengine

avoid a buffer overrun in eas_wtengine.
Check buffer limits during application of gain
Clip calculated length in eas_wtsynth

Bug: 317780080
Test: POC with bug
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6b66e7665dbcd891ff23081c13ab0b1637bb1dda)
Merged-In: I3609d6a36d89b26ae7eb3ae84cbe7772f6c3bee0
Change-Id: I3609d6a36d89b26ae7eb3ae84cbe7772f6c3bee0
backporting fix from main
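
The two measures named in the commit message above (a limit check while applying gain, and clipping of the calculated length), shown as an added example. It is not the sonivox code or the patch itself; `voice_t`, `calc_num_samples`, `apply_gain` and `FRAME_SAMPLES` are hypothetical names chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define FRAME_SAMPLES 128  /* hypothetical fixed mix-buffer size */

/* Hypothetical voice state (not the sonivox structs). */
typedef struct {
    uint32_t pos;   /* current index into the source sample */
    uint32_t end;   /* one past the last playable source sample */
    uint32_t step;  /* source samples consumed per output sample */
} voice_t;

/* Synth side: compute how many output samples remain, then clip the
 * result to the frame size instead of trusting the arithmetic. */
static size_t calc_num_samples(const voice_t *v)
{
    if (v->step == 0 || v->pos >= v->end)
        return 0;
    uint64_t n = ((uint64_t)(v->end - v->pos) + v->step - 1) / v->step;
    return n > FRAME_SAMPLES ? FRAME_SAMPLES : (size_t)n;
}

/* Engine side: apply a Q15 gain ramp and accumulate into the mix buffer.
 * The limit is re-checked here, so a bad count from any caller cannot
 * run past either buffer. Returns the number of samples processed. */
static size_t apply_gain(int32_t *mix, size_t mix_len,
                         const int16_t *in, size_t in_len,
                         size_t num_samples, int32_t gain, int32_t gain_inc)
{
    if (mix == NULL || in == NULL)
        return 0;
    if (num_samples > mix_len) num_samples = mix_len;
    if (num_samples > in_len)  num_samples = in_len;
    for (size_t i = 0; i < num_samples; i++) {
        /* Advance the ramp in 64 bits, then keep it inside Q15. */
        int64_t g = (int64_t)gain + gain_inc;
        gain = g < 0 ? 0 : (g > 32767 ? 32767 : (int32_t)g);
        mix[i] += ((int32_t)in[i] * gain) / 32768;
    }
    return num_samples;
}
```

Checking in both places is deliberate: the clip in the length calculation keeps the normal path correct, and the check in the gain loop still holds if another caller passes an unclipped count.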

@pedrolcl pedrolcl merged commit fea94dc into pedrolcl:devel Oct 5, 2024
8 checks passed
@rsp4jack rsp4jack deleted the cve branch October 27, 2024 04:59