ASB-A-129476618
- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-129476618.json
- Aliases
-
- CVE-2020-0227
- Published
- 2020-07-01T00:00:00Z
- Modified
- 2024-04-18T14:40:51Z
- Details
-
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2020-07-01
- https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1
- https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89
- https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7
- https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766
- https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b
- https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b
Affected packages
Android / platform/cts
Package
- Name
- platform/cts
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced8.0:0Fixed8.0:2020-07-01Introduced8.1:0Fixed8.1:2020-07-01Introduced9:0Fixed9:2020-07-01Introduced10:0Fixed10:2020-07-01
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1",
"https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89",
"https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7"
],
"spl": "2020-07-01",
"types": [
"EoP"
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced8.0:0Fixed8.0:2020-07-01Introduced8.1:0Fixed8.1:2020-07-01Introduced9:0Fixed9:2020-07-01Introduced10:0Fixed10:2020-07-01
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
"https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
"https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b"
],
"spl": "2020-07-01",
"types": [
"EoP"
],
"severity": "High"
}