ASB-A-202312327
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-202312327.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-202312327
- Aliases
-
- A-202312327
- CVE-2021-39694
- Published
- 2022-03-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In parse of RoleParser.java, there is a possible way for default apps to get permissions explicitly denied by the user due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"spl": "2022-03-01",
"severity": "High",
"types": [
"EoP"
],
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"signature_version": "v1",
"id": "ASB-A-202312327-585f4204",
"digest": {
"threshold": 0.9,
"line_hashes": [
"121578046762402760678451496766722934098",
"82162443013285345151826544704580319998",
"116745813951158498584025616739610164313",
"29812320765426490626524666859772648553"
]
},
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/RoleParser.java"
},
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"signature_version": "v1",
"id": "ASB-A-202312327-f0dd9bb9",
"digest": {
"length": 4409.0,
"function_hash": "262304303829255986312520805563047167242"
},
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/RoleParser.java",
"function": "parseRole"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"https://android.googlesource.com/platform/packages/modules/Permission/+/6352f97b38b45c40113014cc68d85360616a18ce"
]
}
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"spl": "2022-03-01",
"severity": "High",
"types": [
"EoP"
],
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"signature_version": "v1",
"id": "ASB-A-202312327-8e4c69dd",
"digest": {
"threshold": 0.9,
"line_hashes": [
"121578046762402760678451496766722934098",
"82162443013285345151826544704580319998",
"116745813951158498584025616739610164313",
"29812320765426490626524666859772648553"
]
},
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/RoleParser.java"
},
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"signature_version": "v1",
"id": "ASB-A-202312327-d778ee52",
"digest": {
"length": 4409.0,
"function_hash": "262304303829255986312520805563047167242"
},
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/RoleParser.java",
"function": "parseRole"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/a360d5f391d02be49a2dbf46e912fe0b2155f9fd",
"https://android.googlesource.com/platform/packages/modules/Permission/+/6352f97b38b45c40113014cc68d85360616a18ce"
]
}