ASB-A-205130886
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-205130886.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-205130886
- Aliases
-
- A-205130886
- CVE-2021-39758
- Published
- 2022-10-01T00:00:00Z
- Modified
- 2026-06-10T14:58:40.911641763Z
- Summary
- [none]
- Details
-
In createPresentationContext of Presentation.java, there is a possible way to start a foreground activity from background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"29840440586258169693462454076158925556",
"213396486038452831278377549094169843602",
"228445899389099079593691071735995055390",
"251578245069968599296638591181347011752",
"333900397814330802755872188782388426748",
"73164140829396596013584142068435983733",
"57908055369602442342969322100064423101",
"322529904216023784252135970667632781390",
"9750100643542470922863240679374362718",
"333122694766293271160191850213446839841",
"75798385379077713637207440080716134025"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "ASB-A-205130886-20dedc0b",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c97296e9d9d2bad7bdd2d34c9428ba5f092fa8c1",
"target": {
"file": "services/core/java/com/android/server/wm/RootWindowContainer.java"
}
},
{
"digest": {
"length": 199.0,
"function_hash": "118031723022519068736264188622598971298"
},
"deprecated": false,
"signature_type": "Function",
"id": "ASB-A-205130886-adba426d",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c97296e9d9d2bad7bdd2d34c9428ba5f092fa8c1",
"target": {
"function": "isAnyNonToastWindowVisibleForUid",
"file": "services/core/java/com/android/server/wm/RootWindowContainer.java"
}
}
],
"severity": "Moderate",
"spl": "2022-10-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/c97296e9d9d2bad7bdd2d34c9428ba5f092fa8c1"
],
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 105.0,
"function_hash": "309892185118692997003263110580644362314"
},
"deprecated": false,
"signature_type": "Function",
"id": "ASB-A-205130886-353bac28",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/778191bdf21661b41030f9308e095c0445dec33c",
"target": {
"function": "isNonToastOrStarting",
"file": "services/core/java/com/android/server/wm/WindowState.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"10313335488045220910035931167300170355",
"261372803265082561517492750361881604635",
"278399851811985462604047126646984147638",
"75641407910770251937695312410220914176",
"50169372483916373397872568910188853356",
"99847271758102256908039258320305980609",
"206496492593111140008101430373728818789",
"295136802722067114420916440743897339347",
"327629897799297319038583944539384123633",
"121227489019215725058657148439372717846",
"170590786134876909076710201705065516382"
]
},
"deprecated": false,
"signature_type": "Line",
"id": "ASB-A-205130886-fb44b63e",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/778191bdf21661b41030f9308e095c0445dec33c",
"target": {
"file": "services/core/java/com/android/server/wm/WindowState.java"
}
}
],
"severity": "Moderate",
"spl": "2022-10-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/778191bdf21661b41030f9308e095c0445dec33c"
],
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "Moderate",
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"332816131073195698316323346625055011373",
"248018738654998027143918272432072286269",
"171592344151606292867477664931624942558",
"94859399021469200881821990861703741625"
]
},
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "services/core/java/com/android/server/wm/WindowState.java"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/88e98e0a853f7530d61aab13dea2bfc9792e3f32",
"id": "ASB-A-205130886-14eb8a35"
},
{
"digest": {
"length": 520.0,
"function_hash": "237856969500410895529135917091395492974"
},
"deprecated": false,
"signature_type": "Function",
"target": {
"function": "onSurfaceShownChanged",
"file": "services/core/java/com/android/server/wm/WindowState.java"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/88e98e0a853f7530d61aab13dea2bfc9792e3f32",
"id": "ASB-A-205130886-7363d6c3"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/88e98e0a853f7530d61aab13dea2bfc9792e3f32"
],
"spl": "2022-10-01"
}