ASB-A-200688991
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-200688991.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-200688991
- Aliases
-
- A-200688991
- CVE-2021-39707
- Published
- 2022-03-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In onReceive of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"25773313590578301909770280378145394169",
"998002664358991226549625720005163034",
"184557601896126998774372606455908481492",
"8725612031362875280293404008541639922",
"263652157868942015372852595692019924264",
"266345770853377246326559123612364591999",
"92886632093687862575761156928663257027",
"5125628849487778448830293822799454652",
"229984845727493768315449970480846857775",
"120783485870668307593467657794719425133",
"248990728719954200371713960077160859241",
"192497369389172935363379212909343471421",
"267786699608572883225187067660587640153",
"111871638115009029157642403469356194843",
"235513615326855201199349692386757969529",
"82542431251053983535395211463109219730",
"150311428605553795670256246034595443020",
"104148611440174321452056313171669862655",
"25375867160530765286428555796606026667",
"339978714582775340128437482086169236936"
]
},
"id": "ASB-A-200688991-1637f245",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/f57d75f127fe96e91250585208a339763f1a2253",
"target": {
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 688.0,
"function_hash": "248855116433774637405381666376387624271"
},
"id": "ASB-A-200688991-290f1e4b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/f57d75f127fe96e91250585208a339763f1a2253",
"target": {
"function": "onReceive",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 466.0,
"function_hash": "126382469407775841340500000808370560677"
},
"id": "ASB-A-200688991-e3a088d4",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/f57d75f127fe96e91250585208a339763f1a2253",
"target": {
"function": "assertSafeToStartCustomActivity",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/f57d75f127fe96e91250585208a339763f1a2253"
],
"types": [
"EoP"
],
"spl": "2022-03-01",
"severity": "High"
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"25773313590578301909770280378145394169",
"998002664358991226549625720005163034",
"184557601896126998774372606455908481492",
"8725612031362875280293404008541639922",
"263652157868942015372852595692019924264",
"266345770853377246326559123612364591999",
"92886632093687862575761156928663257027",
"5125628849487778448830293822799454652",
"229984845727493768315449970480846857775",
"120783485870668307593467657794719425133",
"248990728719954200371713960077160859241",
"192497369389172935363379212909343471421",
"267786699608572883225187067660587640153",
"111871638115009029157642403469356194843",
"235513615326855201199349692386757969529",
"82542431251053983535395211463109219730",
"150311428605553795670256246034595443020",
"104148611440174321452056313171669862655",
"25375867160530765286428555796606026667",
"339978714582775340128437482086169236936"
]
},
"id": "ASB-A-200688991-a463f1a8",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dc44d01a16461027ace52eb30faa9281e102ed3a",
"target": {
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 466.0,
"function_hash": "126382469407775841340500000808370560677"
},
"id": "ASB-A-200688991-e140e50e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dc44d01a16461027ace52eb30faa9281e102ed3a",
"target": {
"function": "assertSafeToStartCustomActivity",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 688.0,
"function_hash": "248855116433774637405381666376387624271"
},
"id": "ASB-A-200688991-e8d569fe",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dc44d01a16461027ace52eb30faa9281e102ed3a",
"target": {
"function": "onReceive",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/dc44d01a16461027ace52eb30faa9281e102ed3a"
],
"types": [
"EoP"
],
"spl": "2022-03-01",
"severity": "High"
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"25773313590578301909770280378145394169",
"998002664358991226549625720005163034",
"184557601896126998774372606455908481492",
"8725612031362875280293404008541639922",
"263652157868942015372852595692019924264",
"266345770853377246326559123612364591999",
"92886632093687862575761156928663257027",
"5125628849487778448830293822799454652",
"229984845727493768315449970480846857775",
"120783485870668307593467657794719425133",
"248990728719954200371713960077160859241",
"192497369389172935363379212909343471421",
"267786699608572883225187067660587640153",
"111871638115009029157642403469356194843",
"235513615326855201199349692386757969529",
"82542431251053983535395211463109219730",
"150311428605553795670256246034595443020",
"104148611440174321452056313171669862655",
"25375867160530765286428555796606026667",
"339978714582775340128437482086169236936"
]
},
"id": "ASB-A-200688991-39f69d17",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99261879727c972c2fdcc44ee1ed47d4de52b7bf",
"target": {
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 688.0,
"function_hash": "248855116433774637405381666376387624271"
},
"id": "ASB-A-200688991-56be47e1",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99261879727c972c2fdcc44ee1ed47d4de52b7bf",
"target": {
"function": "onReceive",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 466.0,
"function_hash": "126382469407775841340500000808370560677"
},
"id": "ASB-A-200688991-67410139",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99261879727c972c2fdcc44ee1ed47d4de52b7bf",
"target": {
"function": "assertSafeToStartCustomActivity",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/99261879727c972c2fdcc44ee1ed47d4de52b7bf"
],
"types": [
"EoP"
],
"spl": "2022-03-01",
"severity": "High"
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"25773313590578301909770280378145394169",
"998002664358991226549625720005163034",
"184557601896126998774372606455908481492",
"8725612031362875280293404008541639922",
"263652157868942015372852595692019924264",
"266345770853377246326559123612364591999",
"92886632093687862575761156928663257027",
"5125628849487778448830293822799454652",
"229984845727493768315449970480846857775",
"120783485870668307593467657794719425133",
"248990728719954200371713960077160859241",
"192497369389172935363379212909343471421",
"267786699608572883225187067660587640153",
"111871638115009029157642403469356194843",
"235513615326855201199349692386757969529",
"82542431251053983535395211463109219730",
"150311428605553795670256246034595443020",
"104148611440174321452056313171669862655",
"25375867160530765286428555796606026667",
"339978714582775340128437482086169236936"
]
},
"id": "ASB-A-200688991-03bc1b2e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4fb753d22e6a2505b1667950d153bc03ad8ae422",
"target": {
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 688.0,
"function_hash": "248855116433774637405381666376387624271"
},
"id": "ASB-A-200688991-e41ae46b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4fb753d22e6a2505b1667950d153bc03ad8ae422",
"target": {
"function": "onReceive",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
},
{
"digest": {
"length": 466.0,
"function_hash": "126382469407775841340500000808370560677"
},
"id": "ASB-A-200688991-ef6e77bd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4fb753d22e6a2505b1667950d153bc03ad8ae422",
"target": {
"function": "assertSafeToStartCustomActivity",
"file": "src/com/android/settings/users/AppRestrictionsFragment.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/4fb753d22e6a2505b1667950d153bc03ad8ae422"
],
"types": [
"EoP"
],
"spl": "2022-03-01",
"severity": "High"
}