ASB-A-155288585

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-155288585.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-155288585

Aliases

A-155288585
CVE-2020-0416

Published

2020-10-01T00:00:00Z

Modified

2026-04-17T15:55:28.020024Z

Summary

[none]

Details

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android

platform/packages/apps/Settings

Package

Name: platform/packages/apps/Settings

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.0:0

Fixed

8.0:2020-10-01

Affected versions

8.*

8.0

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "151557951542668385323084169615629007329",
                    "35591176492028662809276849305824430955",
                    "234505717090616670048737695321583792040",
                    "110285358669643541346533533357259098253",
                    "127969708814635331565682637667233593556",
                    "288514165275185747546512587650845225016",
                    "306661871994702363218617716011523904088",
                    "232422024136762475178539819335044069640",
                    "40979009376763407454503434191849886915",
                    "88254543267391149487694866823587822650",
                    "278374513136742507651875840621837922430",
                    "305135033786324732377071234700548246766",
                    "100183859666574453068076566454965420550",
                    "142085729645846270091208081924830198026",
                    "302736448690187893423725750093263926406",
                    "142239255895399827936464054614457599207",
                    "282131560218407174932987891712039082250",
                    "26976067077402376587252767035963982134",
                    "81945406323850562873013355745476159502",
                    "40753768224873948863152755608850404667",
                    "296916029076816626419060022072331715077",
                    "159497725433097650796998912311588947534",
                    "41641740387065732122377648834159941674",
                    "64197496753451651469386268593241775891",
                    "144038084806623166375169232034773857912",
                    "182674626209482967006223239622282416434",
                    "192642429458984428591294607902318272151",
                    "242865644505457240446592149605363802885",
                    "79480452752204968157347203175591870775",
                    "50442890568951793745685232262974491695",
                    "301339917948643692737007669984015773073",
                    "263530958302554902904754018810669118820",
                    "160950281043115131567192029326301894373",
                    "161994518442362508998141715326651875349"
                ]
            },
            "id": "ASB-A-155288585-1ae051fe",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminListPreferenceController.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "107413060849419495253365581260117780211",
                    "98186087523755489488079000024707275670",
                    "27150345268256271064036936226926244304",
                    "303809243070601088574232491052641824502"
                ]
            },
            "id": "ASB-A-155288585-b7b46ba6",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/widget/AppSwitchPreference.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/4794b798c427c53a9d0f8c608c367a3e6469ed5f",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2020-10-01",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-155288585.json"

platform/packages/apps/Settings

Package

Name: platform/packages/apps/Settings

Affected ranges

Type: ECOSYSTEM
Events: Introduced

8.1:0

Fixed

8.1:2020-10-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "151557951542668385323084169615629007329",
                    "35591176492028662809276849305824430955",
                    "234505717090616670048737695321583792040",
                    "110285358669643541346533533357259098253",
                    "127969708814635331565682637667233593556",
                    "288514165275185747546512587650845225016",
                    "306661871994702363218617716011523904088",
                    "232422024136762475178539819335044069640",
                    "40979009376763407454503434191849886915",
                    "88254543267391149487694866823587822650",
                    "278374513136742507651875840621837922430",
                    "305135033786324732377071234700548246766",
                    "100183859666574453068076566454965420550",
                    "142085729645846270091208081924830198026",
                    "302736448690187893423725750093263926406",
                    "142239255895399827936464054614457599207",
                    "282131560218407174932987891712039082250",
                    "26976067077402376587252767035963982134",
                    "81945406323850562873013355745476159502",
                    "40753768224873948863152755608850404667",
                    "296916029076816626419060022072331715077",
                    "159497725433097650796998912311588947534",
                    "41641740387065732122377648834159941674",
                    "64197496753451651469386268593241775891",
                    "144038084806623166375169232034773857912",
                    "182674626209482967006223239622282416434",
                    "192642429458984428591294607902318272151",
                    "242865644505457240446592149605363802885",
                    "79480452752204968157347203175591870775",
                    "50442890568951793745685232262974491695",
                    "301339917948643692737007669984015773073",
                    "263530958302554902904754018810669118820",
                    "160950281043115131567192029326301894373",
                    "161994518442362508998141715326651875349"
                ]
            },
            "id": "ASB-A-155288585-7179bfba",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminListPreferenceController.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "107413060849419495253365581260117780211",
                    "98186087523755489488079000024707275670",
                    "27150345268256271064036936226926244304",
                    "303809243070601088574232491052641824502"
                ]
            },
            "id": "ASB-A-155288585-8063f4c1",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/widget/AppSwitchPreference.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/4794b798c427c53a9d0f8c608c367a3e6469ed5f",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2020-10-01",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-155288585.json"

platform/packages/apps/Settings

Package

Name: platform/packages/apps/Settings

Affected ranges

Type: ECOSYSTEM
Events: Introduced

9:0

Fixed

9:2020-10-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "107413060849419495253365581260117780211",
                    "98186087523755489488079000024707275670",
                    "27150345268256271064036936226926244304",
                    "303809243070601088574232491052641824502"
                ]
            },
            "id": "ASB-A-155288585-03b1a240",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/widget/AppSwitchPreference.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "151557951542668385323084169615629007329",
                    "35591176492028662809276849305824430955",
                    "234505717090616670048737695321583792040",
                    "110285358669643541346533533357259098253",
                    "127969708814635331565682637667233593556",
                    "288514165275185747546512587650845225016",
                    "306661871994702363218617716011523904088",
                    "232422024136762475178539819335044069640",
                    "40979009376763407454503434191849886915",
                    "88254543267391149487694866823587822650",
                    "278374513136742507651875840621837922430",
                    "305135033786324732377071234700548246766",
                    "100183859666574453068076566454965420550",
                    "142085729645846270091208081924830198026",
                    "302736448690187893423725750093263926406",
                    "142239255895399827936464054614457599207",
                    "282131560218407174932987891712039082250",
                    "26976067077402376587252767035963982134",
                    "81945406323850562873013355745476159502",
                    "40753768224873948863152755608850404667",
                    "296916029076816626419060022072331715077",
                    "159497725433097650796998912311588947534",
                    "41641740387065732122377648834159941674",
                    "64197496753451651469386268593241775891",
                    "144038084806623166375169232034773857912",
                    "182674626209482967006223239622282416434",
                    "192642429458984428591294607902318272151",
                    "242865644505457240446592149605363802885",
                    "79480452752204968157347203175591870775",
                    "50442890568951793745685232262974491695",
                    "301339917948643692737007669984015773073",
                    "263530958302554902904754018810669118820",
                    "160950281043115131567192029326301894373",
                    "161994518442362508998141715326651875349"
                ]
            },
            "id": "ASB-A-155288585-baf8fb82",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminListPreferenceController.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/4794b798c427c53a9d0f8c608c367a3e6469ed5f",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2020-10-01",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-155288585.json"

platform/packages/apps/Settings

Package

Name: platform/packages/apps/Settings

Affected ranges

Type: ECOSYSTEM
Events: Introduced

10:0

Fixed

10:2020-10-01

Affected versions

Other

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "107413060849419495253365581260117780211",
                    "98186087523755489488079000024707275670",
                    "27150345268256271064036936226926244304",
                    "303809243070601088574232491052641824502"
                ]
            },
            "id": "ASB-A-155288585-402d5776",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/widget/AppSwitchPreference.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "151557951542668385323084169615629007329",
                    "35591176492028662809276849305824430955",
                    "234505717090616670048737695321583792040",
                    "110285358669643541346533533357259098253",
                    "127969708814635331565682637667233593556",
                    "288514165275185747546512587650845225016",
                    "306661871994702363218617716011523904088",
                    "232422024136762475178539819335044069640",
                    "40979009376763407454503434191849886915",
                    "88254543267391149487694866823587822650",
                    "278374513136742507651875840621837922430",
                    "305135033786324732377071234700548246766",
                    "100183859666574453068076566454965420550",
                    "142085729645846270091208081924830198026",
                    "302736448690187893423725750093263926406",
                    "142239255895399827936464054614457599207",
                    "282131560218407174932987891712039082250",
                    "26976067077402376587252767035963982134",
                    "81945406323850562873013355745476159502",
                    "40753768224873948863152755608850404667",
                    "296916029076816626419060022072331715077",
                    "159497725433097650796998912311588947534",
                    "41641740387065732122377648834159941674",
                    "64197496753451651469386268593241775891",
                    "144038084806623166375169232034773857912",
                    "182674626209482967006223239622282416434",
                    "192642429458984428591294607902318272151",
                    "242865644505457240446592149605363802885",
                    "79480452752204968157347203175591870775",
                    "50442890568951793745685232262974491695",
                    "301339917948643692737007669984015773073",
                    "263530958302554902904754018810669118820",
                    "160950281043115131567192029326301894373",
                    "161994518442362508998141715326651875349"
                ]
            },
            "id": "ASB-A-155288585-488c08c9",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminListPreferenceController.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/4794b798c427c53a9d0f8c608c367a3e6469ed5f",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ee4ec4b33fddb16606136f656db186ada767e8a5"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2020-10-01",
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-155288585.json"