ASB-A-174302616

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-174302616.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-174302616
Aliases
  • A-174302616
  • CVE-2021-0485
Published
2021-05-01T00:00:00Z
Modified
2026-06-16T15:04:57.126039127Z
Summary
[none]
Details

In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-05-01

Affected versions

Other
11

Ecosystem specific 

{
    "types": [
        "EoP"
    ],
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441"
    ],
    "spl": "2021-05-01",
    "vanir_signatures": [
        {
            "id": "ASB-A-174302616-0c59c1cb",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java",
                "function": "getMinimalSize"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "106201601010299145585447321464861678273",
                "length": 251.0
            },
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441",
            "deprecated": false
        },
        {
            "id": "ASB-A-174302616-38b2a866",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java",
                "function": "PipTaskOrganizer"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "38270790604965674303231817038993593383",
                "length": 623.0
            },
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441",
            "deprecated": false
        },
        {
            "deprecated": false,
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/pip/PipTaskOrganizer.java"
            },
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2a18b15dfbb8c494ab58679c4aceb83da9683441",
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "29423217611525036359366842984240799869",
                    "260836352169657055896056881854618202853",
                    "74046802530112980557606519752672990267",
                    "202103378685570828381906692132500514453",
                    "127532565344631251922900014984402553205",
                    "279668657787672416944238137887772574359",
                    "314849036492053437374114127825960437279",
                    "159394261980478723164312727262794516839",
                    "105158130817451219931314261434466208045",
                    "337360107215965921915790033944722334371",
                    "286298943190374247481558240908275313816",
                    "160160188110895454978245210431843381470",
                    "20382678865945742883966417935566373972",
                    "326562095577746172990329223450046278177",
                    "156246733889041436681599665204314047732",
                    "253210455020553412915312729508445722267"
                ],
                "threshold": 0.9
            },
            "id": "ASB-A-174302616-3a89798a",
            "signature_type": "Line"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-174302616.json"