ASB-A-203229608
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-203229608.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-203229608
- Aliases
-
- A-203229608
- CVE-2022-20358
- Published
- 2022-08-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In startSync of AbstractThreadedSyncAdapter.java, there is a possible way to access protected content of content providers due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 189.0,
"function_hash": "23096037474672351052542667682054836969"
},
"id": "ASB-A-203229608-01a9064b",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "onUnsyncableAccount"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"322400280918135422706966235496911822283",
"254498682045391772804932203699266630890",
"179276403088554147119883537526889642889",
"282014528196759218477197451146887462406",
"65900348616326605297043079686785056953",
"215083058926083630847961054012045150546",
"106079145532905219669608228690671274802",
"283822823360417186884813107879533168484",
"125989896934915065894894688464265918803",
"205759945961187433774754748926977232987",
"84262161981391449687274516786370733663",
"46959678495744431603609192445435028763",
"46541165844700443694768212791724736018",
"209781946595908064742536814629121429047",
"60169708086742002015782174066392747414",
"190552234122100859095967742255409600208",
"43128430397075442698815650927709577097",
"209443256192360575367099289505881979864",
"262410595781490426960587823616748873998",
"194164563629677825341209254574691101076",
"238962504983600306593283541589522584948",
"197659230500706096526867334507135010744",
"133130405312019099252778147057515651104",
"143329196078543705119238900982267278322"
],
"threshold": 0.9
},
"id": "ASB-A-203229608-2cc41428",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 1275.0,
"function_hash": "15657221728455951155093637392133169178"
},
"id": "ASB-A-203229608-442f60b9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "startSync"
}
},
{
"signature_type": "Function",
"digest": {
"length": 769.0,
"function_hash": "159351572810310767380620140586165721701"
},
"id": "ASB-A-203229608-c4f6c6c6",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "cancelSync"
}
}
],
"types": [
"ID"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 189.0,
"function_hash": "23096037474672351052542667682054836969"
},
"id": "ASB-A-203229608-03ac4371",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "onUnsyncableAccount"
}
},
{
"signature_type": "Function",
"digest": {
"length": 769.0,
"function_hash": "159351572810310767380620140586165721701"
},
"id": "ASB-A-203229608-18979a87",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "cancelSync"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"322400280918135422706966235496911822283",
"254498682045391772804932203699266630890",
"179276403088554147119883537526889642889",
"282014528196759218477197451146887462406",
"65900348616326605297043079686785056953",
"215083058926083630847961054012045150546",
"106079145532905219669608228690671274802",
"283822823360417186884813107879533168484",
"125989896934915065894894688464265918803",
"205759945961187433774754748926977232987",
"84262161981391449687274516786370733663",
"46959678495744431603609192445435028763",
"46541165844700443694768212791724736018",
"209781946595908064742536814629121429047",
"60169708086742002015782174066392747414",
"190552234122100859095967742255409600208",
"43128430397075442698815650927709577097",
"209443256192360575367099289505881979864",
"262410595781490426960587823616748873998",
"194164563629677825341209254574691101076",
"238962504983600306593283541589522584948",
"197659230500706096526867334507135010744",
"133130405312019099252778147057515651104",
"143329196078543705119238900982267278322"
],
"threshold": 0.9
},
"id": "ASB-A-203229608-535229ff",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 1275.0,
"function_hash": "15657221728455951155093637392133169178"
},
"id": "ASB-A-203229608-e8a5c199",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "startSync"
}
}
],
"types": [
"ID"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 189.0,
"function_hash": "23096037474672351052542667682054836969"
},
"id": "ASB-A-203229608-025f5fca",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "onUnsyncableAccount"
}
},
{
"signature_type": "Function",
"digest": {
"length": 769.0,
"function_hash": "159351572810310767380620140586165721701"
},
"id": "ASB-A-203229608-5ce98eab",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "cancelSync"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"322400280918135422706966235496911822283",
"254498682045391772804932203699266630890",
"179276403088554147119883537526889642889",
"282014528196759218477197451146887462406",
"65900348616326605297043079686785056953",
"215083058926083630847961054012045150546",
"106079145532905219669608228690671274802",
"283822823360417186884813107879533168484",
"125989896934915065894894688464265918803",
"205759945961187433774754748926977232987",
"84262161981391449687274516786370733663",
"46959678495744431603609192445435028763",
"46541165844700443694768212791724736018",
"209781946595908064742536814629121429047",
"60169708086742002015782174066392747414",
"190552234122100859095967742255409600208",
"43128430397075442698815650927709577097",
"209443256192360575367099289505881979864",
"262410595781490426960587823616748873998",
"194164563629677825341209254574691101076",
"238962504983600306593283541589522584948",
"197659230500706096526867334507135010744",
"133130405312019099252778147057515651104",
"143329196078543705119238900982267278322"
],
"threshold": 0.9
},
"id": "ASB-A-203229608-8fb7a56a",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 1275.0,
"function_hash": "15657221728455951155093637392133169178"
},
"id": "ASB-A-203229608-f59ded9a",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "startSync"
}
}
],
"types": [
"ID"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"322400280918135422706966235496911822283",
"254498682045391772804932203699266630890",
"179276403088554147119883537526889642889",
"282014528196759218477197451146887462406",
"65900348616326605297043079686785056953",
"215083058926083630847961054012045150546",
"106079145532905219669608228690671274802",
"283822823360417186884813107879533168484",
"125989896934915065894894688464265918803",
"205759945961187433774754748926977232987",
"84262161981391449687274516786370733663",
"46959678495744431603609192445435028763",
"46541165844700443694768212791724736018",
"209781946595908064742536814629121429047",
"60169708086742002015782174066392747414",
"190552234122100859095967742255409600208",
"43128430397075442698815650927709577097",
"209443256192360575367099289505881979864",
"262410595781490426960587823616748873998",
"194164563629677825341209254574691101076",
"238962504983600306593283541589522584948",
"197659230500706096526867334507135010744",
"133130405312019099252778147057515651104",
"143329196078543705119238900982267278322"
],
"threshold": 0.9
},
"id": "ASB-A-203229608-9289466b",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 1275.0,
"function_hash": "15657221728455951155093637392133169178"
},
"id": "ASB-A-203229608-aac5768d",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "startSync"
}
},
{
"signature_type": "Function",
"digest": {
"length": 189.0,
"function_hash": "23096037474672351052542667682054836969"
},
"id": "ASB-A-203229608-f4e7d50b",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "onUnsyncableAccount"
}
},
{
"signature_type": "Function",
"digest": {
"length": 769.0,
"function_hash": "159351572810310767380620140586165721701"
},
"id": "ASB-A-203229608-fcd70db9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff",
"target": {
"file": "core/java/android/content/AbstractThreadedSyncAdapter.java",
"function": "cancelSync"
}
}
],
"types": [
"ID"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/7d1397a54475ed7fee632339ef7c60b432f0fbff"
]
}