In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass the security and privacy settings for app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"161288774986468459565598269355725474126",
"329396616622648099673251094480453682320",
"82919312261015283337183742791808614994",
"284289165421573062469083324324379657460"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
},
"id": "ASB-A-197399948-263482e7"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"295747577431459138783214723720080232905",
"284102654686353315162191421088996306752",
"205811105208257373080435321540328406603",
"24006742917773354257830731092932731825"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
},
"id": "ASB-A-197399948-319aceca"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 548.0,
"function_hash": "64069718129752272757733867112281767204"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java",
"function": "getProfileOwnerOrDeviceOwnerSupervisionComponent"
},
"id": "ASB-A-197399948-492d3891"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1078.0,
"function_hash": "50669996759498033534389717371549312843"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onUserUnlocked"
},
"id": "ASB-A-197399948-6fb884aa"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"15739382261802027219805524109958553171",
"83055523982731680864442203307070783829",
"249381843647272814530559664511844422731",
"143445173573346503148343587426827100370",
"225465234577136177189757495045717378526",
"226899043618569941573107987308122350282",
"51983829634456079565805743014984841708",
"244849471679284245038178134250138285525",
"218820991025253401821410482186891620670",
"331949163597479799158265316572296283876",
"39186085366517114522806795243763238682",
"15633697030816666283926675216609553680",
"228090997483910925565025739251462788499",
"197745402981386281872755660143205306586",
"239363138978407201000673741134613025674",
"256963025264698054208211999444657656656",
"31315585709597617104668309672027895373",
"106201848419137870731740730809753017104",
"267364722753785665518956730195524321916",
"99564816612558946276983966100947043631",
"300474009991802540557028093826625215306",
"322468563243676142441922248531886555564",
"211940618594829629862818398484546639629",
"416264071013621142915355892345999272",
"243716861918668127527609794798764688213",
"273720738432000563901986357892796216409",
"60942699856907583210476725975665242144",
"171733751866352277524439972633375272027",
"302855100772343148077561813406514953986",
"79889171199037347484830656693083135322"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java"
},
"id": "ASB-A-197399948-79139123"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"336200022059160673240919356441507459810",
"36906959071589781806062529309887947352",
"233643822989951525812035392603806752462",
"166409102187358587779608842692043076865"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "core/java/android/app/admin/DevicePolicyManagerInternal.java"
},
"id": "ASB-A-197399948-887a32b5"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"294000136547875564545556699428084151041",
"211297050413554240476058039634847173079",
"143313904946101124634068262691300295460",
"255571295653408443153054036156108007627",
"334925152493268290078990351438316343278",
"213753662072708839768878308899966299679",
"28955006826260217234658032458366402310",
"265849404837441911542066898713137355573",
"248196663749833259145235904742724346881",
"105752448507465380360905222333222051508",
"109576485519562356834803063396979496656"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java"
},
"id": "ASB-A-197399948-957ff780"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 336.0,
"function_hash": "102687475184540260045167994145509247762"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "updatePackageMappingsData"
},
"id": "ASB-A-197399948-a1b312bc"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 173.0,
"function_hash": "221615865002871341262882931611708328409"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onPackageRemoved"
},
"id": "ASB-A-197399948-a665c563"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 129.0,
"function_hash": "281705368494756598023915314414454137099"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "readPackageMappingsLocked"
},
"id": "ASB-A-197399948-aaa12215"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1030.0,
"function_hash": "126774655612492578839911798546135594086"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "init"
},
"id": "ASB-A-197399948-df25a0a0"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 559.0,
"function_hash": "43948881933829829712620205739512579887"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "initializeUserUsageStatsServiceLocked"
},
"id": "ASB-A-197399948-e27a7867"
}
],
"spl": "2022-02-01",
"severity": "High"
}
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 173.0,
"function_hash": "221615865002871341262882931611708328409"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onPackageRemoved"
},
"id": "ASB-A-197399948-034f8b90"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 129.0,
"function_hash": "281705368494756598023915314414454137099"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "readPackageMappingsLocked"
},
"id": "ASB-A-197399948-4b90d552"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1030.0,
"function_hash": "126774655612492578839911798546135594086"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "init"
},
"id": "ASB-A-197399948-50313b31"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 559.0,
"function_hash": "43948881933829829712620205739512579887"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "initializeUserUsageStatsServiceLocked"
},
"id": "ASB-A-197399948-56f35fea"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"223646346993315910025240562215812420112",
"110703602815063758305781773348771812583",
"162588307292105271166375227178807872428",
"220240408338143051924735606130638831438"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "core/java/android/app/admin/DevicePolicyManagerInternal.java"
},
"id": "ASB-A-197399948-5e7a2dcd"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 1071.0,
"function_hash": "267254102727102143179115606751468653269"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onUserUnlocked"
},
"id": "ASB-A-197399948-776a0c56"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"294000136547875564545556699428084151041",
"211297050413554240476058039634847173079",
"143313904946101124634068262691300295460",
"255571295653408443153054036156108007627",
"334925152493268290078990351438316343278",
"213753662072708839768878308899966299679",
"28955006826260217234658032458366402310",
"265849404837441911542066898713137355573",
"248196663749833259145235904742724346881",
"105752448507465380360905222333222051508",
"109576485519562356834803063396979496656"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java"
},
"id": "ASB-A-197399948-8683d7a6"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"295747577431459138783214723720080232905",
"280439223326171210138082892347267803714",
"57239724231739173197057376658607875646",
"168335576442741944574395425002770237373"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
},
"id": "ASB-A-197399948-8f282f12"
},
{
"signature_type": "Function",
"deprecated": false,
"digest": {
"length": 336.0,
"function_hash": "102687475184540260045167994145509247762"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "updatePackageMappingsData"
},
"id": "ASB-A-197399948-b21db239"
},
{
"signature_type": "Line",
"deprecated": false,
"digest": {
"line_hashes": [
"15739382261802027219805524109958553171",
"83055523982731680864442203307070783829",
"221589340389745726470519205209280265657",
"101513283102489886137992453619082761320",
"225465234577136177189757495045717378526",
"210564825910831840877352262484962317423",
"106433831250179573380334664304378785811",
"168111487789716588099930351368084743894",
"218820991025253401821410482186891620670",
"331949163597479799158265316572296283876",
"39186085366517114522806795243763238682",
"15633697030816666283926675216609553680",
"228090997483910925565025739251462788499",
"197745402981386281872755660143205306586",
"239363138978407201000673741134613025674",
"256963025264698054208211999444657656656",
"31315585709597617104668309672027895373",
"106201848419137870731740730809753017104",
"267364722753785665518956730195524321916",
"99564816612558946276983966100947043631",
"300474009991802540557028093826625215306",
"152884693162892210560404995673133831473",
"256401372802382245587432424746463345892",
"416264071013621142915355892345999272",
"243716861918668127527609794798764688213",
"273720738432000563901986357892796216409",
"60942699856907583210476725975665242144",
"171733751866352277524439972633375272027",
"302855100772343148077561813406514953986",
"79889171199037347484830656693083135322"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java"
},
"id": "ASB-A-197399948-eb5123cd"
}
],
"spl": "2022-02-01",
"severity": "High"
}