ASB-A-195748381
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-195748381.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-195748381
- Aliases
-
- A-195748381
- CVE-2021-0952
- Published
- 2021-12-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android
platform/packages/apps/Contacts
Package
- Name
- platform/packages/apps/Contacts
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1819.0,
"function_hash": "33710228034365950587107242472375266098"
},
"id": "ASB-A-195748381-130309fb",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "onActivityResult",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 658.0,
"function_hash": "314418117801851775801355691785811246598"
},
"id": "ASB-A-195748381-150a3476",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "doCropPhoto",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"297009647437187288351312534496057984541",
"38469369907873177461087543694196245761",
"321415984954187660629236682543188182871",
"272054503843800643377983096657675118706",
"211243339119699819273234614350551707603",
"230090811574423055686942903894849481240",
"180186510685095853057110917444232057232",
"102675008360826615964887147173645430316",
"18201849733337273009001638995212369039",
"309206389203258398850708434217568906961",
"103651622964447416465088003270726011314",
"160887830718248784768962514539007960381",
"35995487625435595485094658060379210616",
"75986618999617851885806937119284027442",
"261279452738273431249761987130227645760"
]
},
"id": "ASB-A-195748381-747d2d82",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"length": 173.0,
"function_hash": "179677790373120952691248773781147594472"
},
"id": "ASB-A-195748381-9085cbd7",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 184.0,
"function_hash": "297298836795236935448087114931872793637"
},
"id": "ASB-A-195748381-b947400e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223278207680195898951512275945111873585",
"244089033526537708944594960841179992814",
"63334131810626954617180635434969915156",
"323222867625324388110637694425113564436",
"312524547105340884440092928648807911551",
"244133901288040665864098417729068874748",
"100044497615972359408504530620295725419",
"210307963315060544596413630958488474882",
"307761566645295474480670835374025477452",
"325337384810327391145065627446683500717",
"60726150914499607586060425792476400273",
"163652942217467545884249545905377635004",
"69691961966343907956262108305030078463",
"135297140287006104911559077189726871358"
]
},
"id": "ASB-A-195748381-f3f2b5de",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389"
],
"types": [
"ID"
],
"spl": "2021-12-01",
"severity": "High"
}platform/packages/apps/Contacts
Package
- Name
- platform/packages/apps/Contacts
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 184.0,
"function_hash": "297298836795236935448087114931872793637"
},
"id": "ASB-A-195748381-03e52fdb",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"length": 173.0,
"function_hash": "179677790373120952691248773781147594472"
},
"id": "ASB-A-195748381-15e7b106",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 658.0,
"function_hash": "314418117801851775801355691785811246598"
},
"id": "ASB-A-195748381-5a488543",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "doCropPhoto",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"297009647437187288351312534496057984541",
"38469369907873177461087543694196245761",
"321415984954187660629236682543188182871",
"272054503843800643377983096657675118706",
"211243339119699819273234614350551707603",
"230090811574423055686942903894849481240",
"180186510685095853057110917444232057232",
"102675008360826615964887147173645430316",
"18201849733337273009001638995212369039",
"309206389203258398850708434217568906961",
"103651622964447416465088003270726011314",
"160887830718248784768962514539007960381",
"35995487625435595485094658060379210616",
"75986618999617851885806937119284027442",
"261279452738273431249761987130227645760"
]
},
"id": "ASB-A-195748381-7f7d8f3e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223278207680195898951512275945111873585",
"244089033526537708944594960841179992814",
"63334131810626954617180635434969915156",
"323222867625324388110637694425113564436",
"312524547105340884440092928648807911551",
"244133901288040665864098417729068874748",
"100044497615972359408504530620295725419",
"210307963315060544596413630958488474882",
"307761566645295474480670835374025477452",
"325337384810327391145065627446683500717",
"60726150914499607586060425792476400273",
"163652942217467545884249545905377635004",
"69691961966343907956262108305030078463",
"135297140287006104911559077189726871358"
]
},
"id": "ASB-A-195748381-a302240f",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 1819.0,
"function_hash": "33710228034365950587107242472375266098"
},
"id": "ASB-A-195748381-c9cf8f45",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "onActivityResult",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389"
],
"types": [
"ID"
],
"spl": "2021-12-01",
"severity": "High"
}platform/packages/apps/Contacts
Package
- Name
- platform/packages/apps/Contacts
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 173.0,
"function_hash": "179677790373120952691248773781147594472"
},
"id": "ASB-A-195748381-14db33ff",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 658.0,
"function_hash": "314418117801851775801355691785811246598"
},
"id": "ASB-A-195748381-4c1b28c5",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "doCropPhoto",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"297009647437187288351312534496057984541",
"38469369907873177461087543694196245761",
"321415984954187660629236682543188182871",
"272054503843800643377983096657675118706",
"211243339119699819273234614350551707603",
"230090811574423055686942903894849481240",
"180186510685095853057110917444232057232",
"102675008360826615964887147173645430316",
"18201849733337273009001638995212369039",
"309206389203258398850708434217568906961",
"103651622964447416465088003270726011314",
"160887830718248784768962514539007960381",
"35995487625435595485094658060379210616",
"75986618999617851885806937119284027442",
"261279452738273431249761987130227645760"
]
},
"id": "ASB-A-195748381-a95bc6ca",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223278207680195898951512275945111873585",
"244089033526537708944594960841179992814",
"63334131810626954617180635434969915156",
"323222867625324388110637694425113564436",
"312524547105340884440092928648807911551",
"244133901288040665864098417729068874748",
"100044497615972359408504530620295725419",
"210307963315060544596413630958488474882",
"307761566645295474480670835374025477452",
"325337384810327391145065627446683500717",
"60726150914499607586060425792476400273",
"163652942217467545884249545905377635004",
"69691961966343907956262108305030078463",
"135297140287006104911559077189726871358"
]
},
"id": "ASB-A-195748381-ae3262a0",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 1819.0,
"function_hash": "33710228034365950587107242472375266098"
},
"id": "ASB-A-195748381-d67b2744",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "onActivityResult",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 184.0,
"function_hash": "297298836795236935448087114931872793637"
},
"id": "ASB-A-195748381-fd26ac0e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389"
],
"types": [
"ID"
],
"spl": "2021-12-01",
"severity": "High"
}platform/packages/apps/Contacts
Package
- Name
- platform/packages/apps/Contacts
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223278207680195898951512275945111873585",
"244089033526537708944594960841179992814",
"63334131810626954617180635434969915156",
"323222867625324388110637694425113564436",
"312524547105340884440092928648807911551",
"244133901288040665864098417729068874748",
"100044497615972359408504530620295725419",
"210307963315060544596413630958488474882",
"307761566645295474480670835374025477452",
"325337384810327391145065627446683500717",
"60726150914499607586060425792476400273",
"163652942217467545884249545905377635004",
"69691961966343907956262108305030078463",
"135297140287006104911559077189726871358"
]
},
"id": "ASB-A-195748381-009d7708",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"297009647437187288351312534496057984541",
"38469369907873177461087543694196245761",
"321415984954187660629236682543188182871",
"272054503843800643377983096657675118706",
"211243339119699819273234614350551707603",
"230090811574423055686942903894849481240",
"180186510685095853057110917444232057232",
"102675008360826615964887147173645430316",
"18201849733337273009001638995212369039",
"309206389203258398850708434217568906961",
"103651622964447416465088003270726011314",
"160887830718248784768962514539007960381",
"35995487625435595485094658060379210616",
"75986618999617851885806937119284027442",
"261279452738273431249761987130227645760"
]
},
"id": "ASB-A-195748381-3299212d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"length": 1819.0,
"function_hash": "33710228034365950587107242472375266098"
},
"id": "ASB-A-195748381-3dac08dd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "onActivityResult",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 173.0,
"function_hash": "179677790373120952691248773781147594472"
},
"id": "ASB-A-195748381-80013b57",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/activities/AttachPhotoActivity.java"
}
},
{
"digest": {
"length": 184.0,
"function_hash": "297298836795236935448087114931872793637"
},
"id": "ASB-A-195748381-bdd7ad26",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "hasIntentHandler",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
},
{
"digest": {
"length": 658.0,
"function_hash": "314418117801851775801355691785811246598"
},
"id": "ASB-A-195748381-da0c6cae",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389",
"target": {
"function": "doCropPhoto",
"file": "src/com/android/contacts/detail/PhotoSelectionHandler.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Contacts/+/8b19ca470847f5f77d5b2e5dd086aae9ad4ea389"
],
"types": [
"ID"
],
"spl": "2021-12-01",
"severity": "High"
}