CVE-2022-20128

NameCVE-2022-20128
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
android-platform-system-core (PTS)jessie21-6vulnerable
stretch1:7.0.0+r33-1vulnerable
buster1:8.1.0+r23-5vulnerable
bullseye1:10.0.0+r36-7vulnerable
android-platform-tools (PTS)bookworm29.0.6-28fixed
sid, trixie34.0.5-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
android-platform-system-coresourcejessie(unfixed)end-of-life
android-platform-system-coresourcestretch(unfixed)end-of-life
android-platform-system-coresource(unstable)(unfixed)
android-platform-toolssourceexperimental33.0.3-1~exp1
android-platform-toolssource(unstable)29.0.6-23

Notes

[bullseye] - android-platform-system-core <no-dsa> (Minor issue)
[buster] - android-platform-system-core <no-dsa> (Minor issue)
https://www.openwall.com/lists/oss-security/2022/10/25/5
Search for package or bug name: Reporting problems