{ "name" : "keystore buffer", "CVE" : [["CVE-2014-3100","securityinteligence-keystore"]], "Coordinated_disclosure" : "true", "Severity" : "uncertain", "Categories" : ["system"], "Details" : [["Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.","CVE-2014-3100"]], "Discovered_by" : [["Roee Hay (IBM)","securityinteligence-keystore"]], "Discovered_on" : [["2013-09-09","keystore-patch"]], "Submission" : [{"by" : "drt24", "on" : "2014-07-17"},{"by" : "lmrs2", "on" : "2014-06-24"}], "Reported_on" : [["2014-06-23","securityinteligence-keystore"]], "Fixed_on" : [["2013-09-09","keystore-patch"]], "Fix_released_on" : [["2013-10-31","android-4.4-release"]], "Affected_versions" : [["4.3","securityinteligence-keystore"]], "Affected_devices" : [["all","securityinteligence-keystore"]], "Affected_versions_regexp" : ["4\\.3\\.[0-9]"], "Affected_manufacturers" : [["all","securityinteligence-keystore"]], "Fixed_versions" : [["4.4", "keystore-patch"]], "references" : { "securityinteligence-keystore" : { "url" : "http://securityintelligence.com/android-keystore-stack-buffer-overflow-to-keep-things-simple-buffers-are-always-larger-than-needed/" } , "CVE-2014-3100" : { "url" : "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3100" } , "keystore-patch" : { "url" : "https://android.googlesource.com/platform/cts/+/cb35803", "component" : "platform/cts", "commit" : "cb35803b31a8c0fe5e767e7a57632757c751346c" } , "android-4.4-release" : { "url" : "http://googleblog.blogspot.co.uk/2013/10/android-for-all-and-new-nexus-5.html" } }, "Surface": ["local", "app"], "Vector": ["daemon-abusing", "memory-corruption"], "Target": ["system-component"], "Channel": ["app-execution"], "Condition": ["affected-app-installed"], "Privilege": ["access-to-data"] }