ASB-A-197399948
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-197399948.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-197399948
- Aliases
-
- A-197399948
- CVE-2021-39619
- Published
- 2022-02-01T00:00:00Z
- Modified
- 2025-07-15T14:57:05.684759Z
- Summary
- [none]
- Details
-
In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"161288774986468459565598269355725474126",
"329396616622648099673251094480453682320",
"82919312261015283337183742791808614994",
"284289165421573062469083324324379657460"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba",
"deprecated": false,
"id": "ASB-A-197399948-263482e7",
"signature_type": "Line",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"295747577431459138783214723720080232905",
"284102654686353315162191421088996306752",
"205811105208257373080435321540328406603",
"24006742917773354257830731092932731825"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-319aceca",
"signature_type": "Line",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
}
},
{
"digest": {
"function_hash": "64069718129752272757733867112281767204",
"length": 548.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba",
"deprecated": false,
"id": "ASB-A-197399948-492d3891",
"signature_type": "Function",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java",
"function": "getProfileOwnerOrDeviceOwnerSupervisionComponent"
}
},
{
"digest": {
"function_hash": "50669996759498033534389717371549312843",
"length": 1078.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-6fb884aa",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onUserUnlocked"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"15739382261802027219805524109958553171",
"83055523982731680864442203307070783829",
"249381843647272814530559664511844422731",
"143445173573346503148343587426827100370",
"225465234577136177189757495045717378526",
"226899043618569941573107987308122350282",
"51983829634456079565805743014984841708",
"244849471679284245038178134250138285525",
"218820991025253401821410482186891620670",
"331949163597479799158265316572296283876",
"39186085366517114522806795243763238682",
"15633697030816666283926675216609553680",
"228090997483910925565025739251462788499",
"197745402981386281872755660143205306586",
"239363138978407201000673741134613025674",
"256963025264698054208211999444657656656",
"31315585709597617104668309672027895373",
"106201848419137870731740730809753017104",
"267364722753785665518956730195524321916",
"99564816612558946276983966100947043631",
"300474009991802540557028093826625215306",
"322468563243676142441922248531886555564",
"211940618594829629862818398484546639629",
"416264071013621142915355892345999272",
"243716861918668127527609794798764688213",
"273720738432000563901986357892796216409",
"60942699856907583210476725975665242144",
"171733751866352277524439972633375272027",
"302855100772343148077561813406514953986",
"79889171199037347484830656693083135322"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-79139123",
"signature_type": "Line",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"336200022059160673240919356441507459810",
"36906959071589781806062529309887947352",
"233643822989951525812035392603806752462",
"166409102187358587779608842692043076865"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-887a32b5",
"signature_type": "Line",
"target": {
"file": "core/java/android/app/admin/DevicePolicyManagerInternal.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"294000136547875564545556699428084151041",
"211297050413554240476058039634847173079",
"143313904946101124634068262691300295460",
"255571295653408443153054036156108007627",
"334925152493268290078990351438316343278",
"213753662072708839768878308899966299679",
"28955006826260217234658032458366402310",
"265849404837441911542066898713137355573",
"248196663749833259145235904742724346881",
"105752448507465380360905222333222051508",
"109576485519562356834803063396979496656"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-957ff780",
"signature_type": "Line",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java"
}
},
{
"digest": {
"function_hash": "102687475184540260045167994145509247762",
"length": 336.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-a1b312bc",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "updatePackageMappingsData"
}
},
{
"digest": {
"function_hash": "221615865002871341262882931611708328409",
"length": 173.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-a665c563",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onPackageRemoved"
}
},
{
"digest": {
"function_hash": "281705368494756598023915314414454137099",
"length": 129.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-aaa12215",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "readPackageMappingsLocked"
}
},
{
"digest": {
"function_hash": "126774655612492578839911798546135594086",
"length": 1030.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-df25a0a0",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "init"
}
},
{
"digest": {
"function_hash": "43948881933829829712620205739512579887",
"length": 559.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"deprecated": false,
"id": "ASB-A-197399948-e27a7867",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "initializeUserUsageStatsServiceLocked"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d95ce6779da8410c5835385cb5785fb5b3a51d83",
"https://android.googlesource.com/platform/frameworks/base/+/b5fa0a6c5e96c420c1f6d808be603c4579f9a1ba"
],
"spl": "2022-02-01"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"function_hash": "221615865002871341262882931611708328409",
"length": 173.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-034f8b90",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onPackageRemoved"
}
},
{
"digest": {
"function_hash": "281705368494756598023915314414454137099",
"length": 129.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-4b90d552",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "readPackageMappingsLocked"
}
},
{
"digest": {
"function_hash": "126774655612492578839911798546135594086",
"length": 1030.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-50313b31",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java",
"function": "init"
}
},
{
"digest": {
"function_hash": "43948881933829829712620205739512579887",
"length": 559.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-56f35fea",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "initializeUserUsageStatsServiceLocked"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223646346993315910025240562215812420112",
"110703602815063758305781773348771812583",
"162588307292105271166375227178807872428",
"220240408338143051924735606130638831438"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-5e7a2dcd",
"signature_type": "Line",
"target": {
"file": "core/java/android/app/admin/DevicePolicyManagerInternal.java"
}
},
{
"digest": {
"function_hash": "267254102727102143179115606751468653269",
"length": 1071.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-776a0c56",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "onUserUnlocked"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"294000136547875564545556699428084151041",
"211297050413554240476058039634847173079",
"143313904946101124634068262691300295460",
"255571295653408443153054036156108007627",
"334925152493268290078990351438316343278",
"213753662072708839768878308899966299679",
"28955006826260217234658032458366402310",
"265849404837441911542066898713137355573",
"248196663749833259145235904742724346881",
"105752448507465380360905222333222051508",
"109576485519562356834803063396979496656"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-8683d7a6",
"signature_type": "Line",
"target": {
"file": "services/usage/java/com/android/server/usage/UserUsageStatsService.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"295747577431459138783214723720080232905",
"280439223326171210138082892347267803714",
"57239724231739173197057376658607875646",
"168335576442741944574395425002770237373"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-8f282f12",
"signature_type": "Line",
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
}
},
{
"digest": {
"function_hash": "102687475184540260045167994145509247762",
"length": 336.0
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-b21db239",
"signature_type": "Function",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java",
"function": "updatePackageMappingsData"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"15739382261802027219805524109958553171",
"83055523982731680864442203307070783829",
"221589340389745726470519205209280265657",
"101513283102489886137992453619082761320",
"225465234577136177189757495045717378526",
"210564825910831840877352262484962317423",
"106433831250179573380334664304378785811",
"168111487789716588099930351368084743894",
"218820991025253401821410482186891620670",
"331949163597479799158265316572296283876",
"39186085366517114522806795243763238682",
"15633697030816666283926675216609553680",
"228090997483910925565025739251462788499",
"197745402981386281872755660143205306586",
"239363138978407201000673741134613025674",
"256963025264698054208211999444657656656",
"31315585709597617104668309672027895373",
"106201848419137870731740730809753017104",
"267364722753785665518956730195524321916",
"99564816612558946276983966100947043631",
"300474009991802540557028093826625215306",
"152884693162892210560404995673133831473",
"256401372802382245587432424746463345892",
"416264071013621142915355892345999272",
"243716861918668127527609794798764688213",
"273720738432000563901986357892796216409",
"60942699856907583210476725975665242144",
"171733751866352277524439972633375272027",
"302855100772343148077561813406514953986",
"79889171199037347484830656693083135322"
]
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936",
"deprecated": false,
"id": "ASB-A-197399948-eb5123cd",
"signature_type": "Line",
"target": {
"file": "services/usage/java/com/android/server/usage/UsageStatsService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/157fbcfbe4b38075391aef5b4977d45702a06936"
],
"spl": "2022-02-01"
}