ASB-A-129476618

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-129476618.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-129476618
Aliases
  • A-129476618
  • CVE-2020-0227
Published
2020-07-01T00:00:00Z
Modified
2024-08-07T19:29:40.012546Z
Summary
[none]
Details

In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/cts

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.0:0
Fixed
8.0:2020-07-01

Affected versions

8.*

8.0

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1",
        "https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89",
        "https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.0:0
Fixed
8.0:2020-07-01

Affected versions

8.*

8.0

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-217c27d0",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-3443ebf8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-ea2fd65d",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
        "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
        "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/cts

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2020-07-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1",
        "https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89",
        "https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2020-07-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-1e92855e",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-5f20fe37",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-f0b72546",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
        "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
        "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/cts

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2020-07-01

Affected versions

Other

9

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1",
        "https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89",
        "https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2020-07-01

Affected versions

Other

9

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-1e421d4f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-56eeb89b",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-89c32a17",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
        "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
        "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/cts

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2020-07-01

Affected versions

Other

10

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/cts/+/4f7dc13067ab4aa4f0c3f5373ee0a28c0285eea1",
        "https://android.googlesource.com/platform/cts/+/7d87a0e0a7bcda698b30957bce3c21d64a965e89",
        "https://android.googlesource.com/platform/cts/+/8643636095dc9b3c70a62ef16f68df12dff67fe7"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2020-07-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-1433fec6",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-bedcce21",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "26708729099211957372007850238875196453",
                    "298307091307253877753515377986473208398",
                    "303296711729030685135651464016046123052"
                ]
            },
            "id": "ASB-A-129476618-c6c55255",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/84cccfe6cdbc57ee372ee1a0fea64c7a11c53766",
        "https://android.googlesource.com/platform/frameworks/base/+/98f45443e1cf397ab92b4cecd9200c2dcccf099b",
        "https://android.googlesource.com/platform/frameworks/base/+/b4aaa9d8adae5971f7f6589afc22008afa2f8d2b"
    ],
    "spl": "2020-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}