In onCreate of InstallCaCertificateWarning.java, it is possible to mislead a user about the circumstances of a CA certificate installation by means of a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145984119826412137887365522958836089525",
"271052047774614255638688547336811261574",
"224193718576649971686208176432179941336",
"26052711315840096758655900168490125215",
"19758000283772949421970430401752037216",
"231780248116023935241289224723633017776",
"5963155973267531247118367759010803150",
"231647953475335774548604836890325105971",
"277782101132118132337762346633651364229",
"11405855597529914175509968925046682398",
"228846984088668657800784480770303483416",
"128096002704900087706872204186613580550",
"297765655423998637937568255368111140652"
]
},
"id": "ASB-A-196969991-82a26a49",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/fca5cb37486fb1072d6233670b2fd66e555b07c1",
"target": {
"file": "src/com/android/settings/security/InstallCaCertificateWarning.java"
}
},
{
"digest": {
"length": 765.0,
"function_hash": "129563255700159500139202060907951319404"
},
"id": "ASB-A-196969991-bb18f3de",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/fca5cb37486fb1072d6233670b2fd66e555b07c1",
"target": {
"function": "onCreate",
"file": "src/com/android/settings/security/InstallCaCertificateWarning.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/fca5cb37486fb1072d6233670b2fd66e555b07c1"
],
"types": [
"EoP"
],
"spl": "2022-02-01",
"severity": "High"
}
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145984119826412137887365522958836089525",
"123128323951627989715413380461821386545",
"253179951563642523207565695142790672985",
"68028135725796721549778570627646983169",
"282538426059907412126287408171392107523",
"231780248116023935241289224723633017776",
"5963155973267531247118367759010803150",
"231647953475335774548604836890325105971",
"277782101132118132337762346633651364229",
"11405855597529914175509968925046682398",
"228846984088668657800784480770303483416",
"128096002704900087706872204186613580550",
"297765655423998637937568255368111140652"
]
},
"id": "ASB-A-196969991-255e10f8",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/02e8f56e67b91b0909c713bcbb949800f244b30a",
"target": {
"file": "src/com/android/settings/security/InstallCaCertificateWarning.java"
}
},
{
"digest": {
"length": 929.0,
"function_hash": "299861993106954700750925095272088265859"
},
"id": "ASB-A-196969991-bc89e90e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/02e8f56e67b91b0909c713bcbb949800f244b30a",
"target": {
"function": "onCreate",
"file": "src/com/android/settings/security/InstallCaCertificateWarning.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/02e8f56e67b91b0909c713bcbb949800f244b30a"
],
"types": [
"EoP"
],
"spl": "2022-02-01",
"severity": "High"
}