ASB-A-140256621
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-140256621.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-140256621
- Aliases
-
- A-140256621
- CVE-2020-0439
- Published
- 2020-11-01T00:00:00Z
- Modified
- 2024-10-01T21:54:45Z
- Summary
- [none]
- Details
-
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"271971882974451749579940557591877416442",
"24205034439355785176021830187153456954",
"277788347820877011201586845651849483326",
"48931828168504169546684354862307830190",
"203368179495368343527892236374747507376",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592",
"150591757113947191522548734358004902325",
"14038674738183755763715843906656424410",
"154182220932586410074947337160373619621",
"255046662697187950046489565623395120474",
"16028033947526972062713092824742250636",
"210005632255543838456910076742488047409",
"13261025413385110298317900225382421990",
"96740624629439313170082507263211095423",
"192656267888217996625533953983747590368",
"103483856885971159778518148863166796949",
"60046960628806303879729841261698144307",
"218247869527752573962619006571764838245",
"315737957758846556901948188775760847659"
]
},
"id": "ASB-A-140256621-256697ff",
"source": "https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 21933.0,
"function_hash": "322786507398356885516625291528685872166"
},
"id": "ASB-A-140256621-45de2abb",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "PackageManagerService"
},
"signature_type": "Function"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-463db6a0",
"source": "https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1961.0,
"function_hash": "143258622276265196276589506981079986656"
},
"id": "ASB-A-140256621-4e393d0f",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deleteSystemPackageLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1815.0,
"function_hash": "259395408210374525710567365512112273131"
},
"id": "ASB-A-140256621-58edb226",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "installPackageFromSystemLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1569.0,
"function_hash": "61057072983360952154033019365774564152"
},
"id": "ASB-A-140256621-66034527",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "enableCompressedPackage"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"3271075293627186102788207892072491390",
"256131198327079629824560170364070892187",
"129725822984932144206096304236050951288",
"202154113690992753158987310634109614230",
"88005100597857451438219184339456816847",
"16786655540957234918801446590391115563",
"116173499882206639733840351621167633854",
"102535073914193051299604321888571467653",
"239571990004640192488138110513037052997",
"148732065094273629141091413921174052623",
"233565929521594871423640885317155768369",
"255394816120598207156260642734662720949",
"318801982496306347512474650179684655795",
"186110777445997442742142491233170668919",
"132523220045607985772007477897081121498",
"240190692724268092602418023469238124431",
"238460016675151152758041176801640981929",
"193128937232157863288799930653717768058",
"258323898294123907768325657637273921030",
"295819808538588052879011050199863532956",
"82495078567007094754198935483429551898",
"231765283484385657445373283462084179832",
"184886437269779179094249142064657360918",
"247277472036218280678874683720723744990",
"211277551243664861702100246425579966193",
"220888890311227279528872588488417163410",
"278285042016901724682219458810977123901",
"47029323351108290726290413530550590274",
"156216662042209464534993789514025436933",
"37622856626496221331116016708366438342",
"279622516000985233739651023221711754663",
"20477570377209851893243501544007205833",
"193193530140743799844626587510130745358",
"265038695855100465211288237720948348676",
"281791865949923109466001427507757916024",
"121880002061598294163605280613682336045",
"213374977994583208739231388850427809361",
"237800842558394162419231128502305280053",
"298557141855467154734667929294902991070",
"178766603754805811472732143511500676535",
"72170737502919604200060732244201651219",
"234254230692744655246138237030820007071",
"303250530801237495467033023276759887776",
"222550101300106244706264898118794163294",
"221239650784198972120060530757588779270",
"42813777183532373633717821541181783587",
"288679384115632090312186268376167279747",
"270327560939241705837030404081702517605",
"182730116718769168869892701232774045890",
"195285028729228357826216166737927364917",
"205072134797706808944457991866726768815",
"236961409947838792140058854721847671082",
"174923830277264943565731599011808186490",
"172315952278733900758925892826721216104",
"209280269814144674911502991901502477246",
"126003467492192751208950186674100717498",
"235939930080285156965004916428127269515",
"103922722440057816942122423008652388407",
"185931102067905459696387291455236373657",
"206291317998811747816487829894143199929",
"288157369735517182216766574071226078970",
"226484104476378924442983931744362297062",
"239027757081994187528515723299044749071",
"21796505450312582685272618167989860846",
"223313612494427122139161571164791014803",
"35675411245849283600683949052366367370",
"320727467522424550600381438422870071931"
]
},
"id": "ASB-A-140256621-8169addd",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"80534942161854568712418940599115572923",
"213603318318826064244618260922792722930",
"104298222017443776986091895310839222944",
"299080278819686792292602813364402723877"
]
},
"id": "ASB-A-140256621-9c358b87",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a2747c93521069600d012d9da81044e80aa06cce",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2905.0,
"function_hash": "241078711964316742034716273155800152856"
},
"id": "ASB-A-140256621-a4007b70",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "removePackageDataLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1864.0,
"function_hash": "178229285840426122445647457169911404261"
},
"id": "ASB-A-140256621-a618b557",
"source": "https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "executeDeletePackageLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1246.0,
"function_hash": "95962146906884849531509670783063632629"
},
"id": "ASB-A-140256621-ba5bbd70",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "unloadPrivatePackagesInner"
},
"signature_type": "Function"
},
{
"digest": {
"length": 5482.0,
"function_hash": "340238328100381865672115798550284685631"
},
"id": "ASB-A-140256621-d35bf44f",
"source": "https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
},
"signature_type": "Function"
},
{
"digest": {
"length": 478.0,
"function_hash": "329892263405326115001219053164999251400"
},
"id": "ASB-A-140256621-d670ebab",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deleteInstalledPackageLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 5282.0,
"function_hash": "171432363259041544387800139373428557768"
},
"id": "ASB-A-140256621-f1014200",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addForInitLI"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1469.0,
"function_hash": "106663369258781891962193765518869133563"
},
"id": "ASB-A-140256621-f986a7a4",
"source": "https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a2747c93521069600d012d9da81044e80aa06cce",
"https://android.googlesource.com/platform/frameworks/base/+/f09326bd07244ccab244d02a07cb5f330af73c7d",
"https://android.googlesource.com/platform/frameworks/base/+/34d1db18ddfdb1fd709a9dae46959ed15d134d16"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1021.0,
"function_hash": "5180051159973888628643697468730862747"
},
"id": "ASB-A-140256621-2c540dc4",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "generatePackageInfo"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1332.0,
"function_hash": "181583035435809755028565052395667143031"
},
"id": "ASB-A-140256621-52b7fb9a",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"316408304082019384869216693940526255309",
"87457292521453566997276247952051004954",
"112577662992659797422532733274065858000",
"250567930405668350254306644888323173527",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"253607418005759739675220518715402933195",
"61989971500047688816845128431705310619",
"130401272635193384107521858870082630225",
"119869380773094384545370333679296832290",
"223938591367039244131837832067035555031",
"208951271050499319796505361730026473068",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592"
]
},
"id": "ASB-A-140256621-84508901",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-e9c650c9",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1332.0,
"function_hash": "181583035435809755028565052395667143031"
},
"id": "ASB-A-140256621-2f57f927",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-48098703",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"316408304082019384869216693940526255309",
"87457292521453566997276247952051004954",
"112577662992659797422532733274065858000",
"250567930405668350254306644888323173527",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"253607418005759739675220518715402933195",
"61989971500047688816845128431705310619",
"130401272635193384107521858870082630225",
"119869380773094384545370333679296832290",
"223938591367039244131837832067035555031",
"208951271050499319796505361730026473068",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592"
]
},
"id": "ASB-A-140256621-71b27f0c",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1021.0,
"function_hash": "5180051159973888628643697468730862747"
},
"id": "ASB-A-140256621-a20235cc",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "generatePackageInfo"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a710a3045724d0db903477113bf63c29b940c773"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1469.0,
"function_hash": "106663369258781891962193765518869133563"
},
"id": "ASB-A-140256621-1723e85a",
"source": "https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-18779221",
"source": "https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1981.0,
"function_hash": "172436183220765043776946468151113413052"
},
"id": "ASB-A-140256621-1d983013",
"source": "https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "generatePackageInfo"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"271971882974451749579940557591877416442",
"24205034439355785176021830187153456954",
"277788347820877011201586845651849483326",
"48931828168504169546684354862307830190",
"203368179495368343527892236374747507376",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"253607418005759739675220518715402933195",
"61989971500047688816845128431705310619",
"12856928483618637449368792852780255312",
"274062785257699346969656186436331191536",
"172290505714991255303801620378083200798",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592",
"41074580312738739239047464186066931384",
"84754849698024864075458225834995247868",
"61378569051352479642146403689299270138",
"279070192564905011550620368737042690199"
]
},
"id": "ASB-A-140256621-ca762ba3",
"source": "https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 4385.0,
"function_hash": "219814342797762461796207653227591242542"
},
"id": "ASB-A-140256621-ead05ac7",
"source": "https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deletePackageLIF"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/8b9393f4f4b4492a68f1e463c422bbc5ec890db7"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3907.0,
"function_hash": "175958938380919984509888856507103043965"
},
"id": "ASB-A-140256621-046ce3d9",
"source": "https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "executeDeletePackageLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-c4296ce4",
"source": "https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1469.0,
"function_hash": "106663369258781891962193765518869133563"
},
"id": "ASB-A-140256621-cb9fe343",
"source": "https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1971.0,
"function_hash": "61174558776178965434754502849627000612"
},
"id": "ASB-A-140256621-d8523b9b",
"source": "https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "generatePackageInfo"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"271971882974451749579940557591877416442",
"24205034439355785176021830187153456954",
"277788347820877011201586845651849483326",
"48931828168504169546684354862307830190",
"203368179495368343527892236374747507376",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"253607418005759739675220518715402933195",
"77387659711762311762999378015673827643",
"294185814027377539308985069858557542719",
"129074452266126374820464200571312894426",
"83354839849621133710984368590937320294",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592",
"75719185121946612608231774861641273431",
"84754849698024864075458225834995247868",
"61378569051352479642146403689299270138",
"184403712619357548555401853662827316756"
]
},
"id": "ASB-A-140256621-f3686cf9",
"source": "https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/741e955d129c1adb2df16bff31c374ee8073180c"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"11"
],
"digest": {
"length": 1974.0,
"function_hash": "19763204206053755134142961679339093143"
},
"id": "ASB-A-140256621-274b4f0f",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "generatePackageInfo"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"253396609669921316539394630433713262167",
"274687338872487417933184019953377536370",
"229916441086580121195326712871713787820",
"271971882974451749579940557591877416442",
"24205034439355785176021830187153456954",
"277788347820877011201586845651849483326",
"48931828168504169546684354862307830190",
"203368179495368343527892236374747507376",
"132729979780175029740819344174108602230",
"317538048140426394703782700552642963170",
"316114193329233853497416987781912210861",
"282888036833976859420609048431743836559",
"179381769753002926905070061200602925453",
"319442271913114339382921474973474286455",
"130644539797941809028862610338135031168",
"278866380819965992331105497569401286143",
"295462736938616061448171582581747358544",
"258657412870096086076187078196382385919",
"273169066895788309444405416304601424368",
"249647224240407208084773583267060809546",
"71926801713946897460438588974137909250",
"12710146587421600635359458373273558592",
"150591757113947191522548734358004902325",
"14038674738183755763715843906656424410",
"154182220932586410074947337160373619621",
"255046662697187950046489565623395120474",
"16028033947526972062713092824742250636",
"210005632255543838456910076742488047409",
"13261025413385110298317900225382421990",
"96740624629439313170082507263211095423",
"192656267888217996625533953983747590368",
"103483856885971159778518148863166796949",
"60046960628806303879729841261698144307",
"218247869527752573962619006571764838245",
"315737957758846556901948188775760847659"
]
},
"id": "ASB-A-140256621-27ad30e9",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1469.0,
"function_hash": "106663369258781891962193765518869133563"
},
"id": "ASB-A-140256621-3886969a",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "getInstantAppInstallerLPr"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"11"
],
"digest": {
"length": 1987.0,
"function_hash": "77601091537302297658245433915555927035"
},
"id": "ASB-A-140256621-492d677d",
"source": "https://android.googlesource.com/platform/frameworks/base/+/01e0f4813af8502faaa683d55dbbc024b3080741",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "executeDeletePackageLIF"
},
"signature_type": "Function"
},
{
"digest": {
"length": 838.0,
"function_hash": "326417311602979837718301016844143032706"
},
"id": "ASB-A-140256621-4f9909a7",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "addPackageHoldingPermissions"
},
"signature_type": "Function"
},
{
"digest": {
"length": 1864.0,
"function_hash": "178229285840426122445647457169911404261"
},
"id": "ASB-A-140256621-4fd5c642",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "executeDeletePackageLIF"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"11"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"64152874298733692454198516434103997693",
"130029551890964590688231571212066845648",
"65843965651650544406662993002053427619",
"40653486360623649136779285927749846544"
]
},
"id": "ASB-A-140256621-6536dd1e",
"source": "https://android.googlesource.com/platform/frameworks/base/+/01e0f4813af8502faaa683d55dbbc024b3080741",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 5482.0,
"function_hash": "340238328100381865672115798550284685631"
},
"id": "ASB-A-140256621-918e75e4",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d83e3a350d1a2a6fd317b19ad22ee5647781870e",
"https://android.googlesource.com/platform/frameworks/base/+/01e0f4813af8502faaa683d55dbbc024b3080741"
],
"spl": "2020-11-01",
"severity": "High",
"types": [
"EoP"
]
}