ASB-A-195630721
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-195630721.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-195630721
- Aliases
-
- A-195630721
- CVE-2021-0922
- Published
- 2021-11-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass of INTERACTACROSSPROFILES permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/external/robolectric-shadows
Package
- Name
- platform/external/robolectric-shadows
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"214021334590066474496824465320029488018",
"309336616964255325581366393534202365825",
"218333329684848256719210833091252961184"
]
},
"id": "ASB-A-195630721-31444b7e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/external/robolectric-shadows/+/35fd431402a9506a0dfc0ff6eb98cfc44cf0d005",
"target": {
"file": "shadows/framework/src/main/java/org/robolectric/shadows/ShadowUserManager.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/external/robolectric-shadows/+/35fd431402a9506a0dfc0ff6eb98cfc44cf0d005"
],
"types": [
"EoP"
],
"spl": "2021-11-01",
"severity": "Moderate"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"36440763643325087480298598606293624342",
"78646175382410085160817668818514440905",
"235607508670757907218867539703409031148",
"283380243976296285749083634646080816561",
"272601194905720528706441519394509945216",
"148068607651191350719224651179563632194",
"81377823625941608618686273478787482095",
"281903242336386226517528698656415167515",
"40009769075193760380369938814394409695",
"323473453907297942964183741209418660046",
"236660585723886523345678390114302348905",
"254451119805343564028933895977390827574",
"251857102603463444737090880801210839258",
"127159839787866092011543240506455800516",
"286751197653580262393456552016190519530",
"114423963501467031325089116850493097874",
"31994915925146021468290948491711738817",
"271323692190888647119274243943029107251",
"216214254815745083059225198969938336884",
"326662269531774520907531269443715729883",
"162399504348032358504313214641011786999",
"80660688282474858409408107575960131674",
"172597663243983133768617860617640030055",
"179374689263116747570172275321245957486",
"302887788176794412926806109320253202498",
"193445072868321469678327441235802235510",
"236383336076514265538879525176051810607",
"237564831378471029267682587567440184575",
"268791223609598792150412487565424528314",
"201891198106383073362640243425161002229",
"4241457864200304409377960898032746144",
"152466423921533568375119328796207373355",
"290490411124407951379733706484703129335",
"155122048248351996057683755138843582297",
"290075757119411105122214201375927285450"
]
},
"id": "ASB-A-195630721-4f89865c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/be1752c13f694de4d637870214e0124d43087302",
"target": {
"file": "services/core/java/com/android/server/pm/CrossProfileAppsServiceImpl.java"
}
},
{
"digest": {
"length": 379.0,
"function_hash": "217154528592214342561438573420167394610"
},
"id": "ASB-A-195630721-706ca402",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/be1752c13f694de4d637870214e0124d43087302",
"target": {
"function": "maybeLogSetInteractAcrossProfilesAppOp",
"file": "services/core/java/com/android/server/pm/CrossProfileAppsServiceImpl.java"
}
},
{
"digest": {
"length": 501.0,
"function_hash": "230191903940525289883466150449923591345"
},
"id": "ASB-A-195630721-cbc13dc1",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/be1752c13f694de4d637870214e0124d43087302",
"target": {
"function": "sendCanInteractAcrossProfilesChangedBroadcast",
"file": "services/core/java/com/android/server/pm/CrossProfileAppsServiceImpl.java"
}
},
{
"digest": {
"length": 978.0,
"function_hash": "335696647735241454399446868439174072597"
},
"id": "ASB-A-195630721-f421a73a",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/be1752c13f694de4d637870214e0124d43087302",
"target": {
"function": "setInteractAcrossProfilesAppOpForUserOrThrow",
"file": "services/core/java/com/android/server/pm/CrossProfileAppsServiceImpl.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/be1752c13f694de4d637870214e0124d43087302"
],
"types": [
"EoP"
],
"spl": "2021-11-01",
"severity": "Moderate"
}platform/packages/apps/ManagedProvisioning
Package
- Name
- platform/packages/apps/ManagedProvisioning
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 278.0,
"function_hash": "31360376185732910915859343132468117286"
},
"id": "ASB-A-195630721-08f0f59f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/a356e46bcee7be220e6f0d946dee61986c0ed178",
"target": {
"function": "appOpIsChangedFromDefault",
"file": "src/com/android/managedprovisioning/task/UpdateInteractAcrossProfilesAppOpTask.java"
}
},
{
"digest": {
"length": 183.0,
"function_hash": "198608002809830810643517678199986151617"
},
"id": "ASB-A-195630721-2dd241cd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/a356e46bcee7be220e6f0d946dee61986c0ed178",
"target": {
"function": "updateAfterOtaChanges",
"file": "src/com/android/managedprovisioning/task/UpdateInteractAcrossProfilesAppOpTask.java"
}
},
{
"digest": {
"length": 418.0,
"function_hash": "62563792173665600381352342271179639531"
},
"id": "ASB-A-195630721-e089d0bf",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/a356e46bcee7be220e6f0d946dee61986c0ed178",
"target": {
"function": "grantNewConfigurableDefaultCrossProfilePackages",
"file": "src/com/android/managedprovisioning/task/UpdateInteractAcrossProfilesAppOpTask.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"115401877956807721271473992195793090813",
"179331988837941024569409114167190761879",
"16088433780555473181584891538926530457",
"218009912418503671940160426401491804018",
"287282509207486409845023027285420657077",
"60690539419849708968456274968461487979",
"122538000252583299514687750420744064265",
"18663525714527528274117164698436208722",
"202479120569784572966934893084986593118",
"156715334077897945571971377847277916231",
"137127234154086374740546258955175176886",
"217870117801283358241326015088896536583",
"130349601687311682181277804554021500976",
"176729859293257270339372119502224302050",
"179575897479343405427285765437441540859",
"305820052545428065016040445145279725472",
"193370507704134731490362701280148149265",
"11599929572358354186009072428915720136",
"38923417280291753318338635147936954115",
"2494129082059629057733334358359433687",
"252985389150814096497888632191905880659",
"267411571091836686416160794405077344585",
"18367669789577395102201838220794274424",
"111014968170476510442027934986226916959",
"277850929566400537212888117763457709811",
"54876256156630208787339162093961841358",
"165991904104123668155332380512289380122",
"260185972171578686780968566903331702442",
"166714544838933888056589877313408967286",
"84925411292309658385490234979782116278",
"312062478012729280326991076921334391470",
"191238579001067522705096865401762407680",
"209540420578694369937829668346363955767",
"227474661934597852750095825195371151435"
]
},
"id": "ASB-A-195630721-f29b90e8",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/a356e46bcee7be220e6f0d946dee61986c0ed178",
"target": {
"file": "src/com/android/managedprovisioning/task/UpdateInteractAcrossProfilesAppOpTask.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/a356e46bcee7be220e6f0d946dee61986c0ed178",
"https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/0dd1b6508bb4a6ba350fedb8ea95df9ab4ed3d9c"
],
"types": [
"EoP"
],
"spl": "2021-11-01",
"severity": "Moderate"
}