ASB-A-205460459
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-205460459.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-205460459
- Aliases
-
- A-205460459
- CVE-2023-21121
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2025-12-03T17:21:58.191574Z
- Summary
- [none]
- Details
-
In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"spl": "2023-06-01",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/144f295d7aa66bae8556ba030553a49615eab0b2"
],
"severity": "High",
"vanir_signatures": [
{
"target": {
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"line_hashes": [
"336100995050413396604471046648600747849",
"233882185629320992900811583433312763653",
"169475600195102551663482568947621592996",
"138976026468197361305544239673336673748",
"65722198661626460178036131866155434626",
"146502439951923890752064417977749965207",
"10489224675326360169937944298108627188",
"320286596383278763278850603948381854077",
"39382189436603757696375603499394713214",
"160958246367428725531599932442622386403",
"263165266821543551694449496447563157168",
"315783981943385040222749311193035456925",
"312571804431002265272936749576775009138",
"104444946036314211310406435294382749482",
"124353133627749518534529019590134664639",
"144387863575053294813869966197099787824",
"307470470953315320748151102485094306132",
"128565645273646527655933501064344012106",
"36865207056263286051620466905085997709",
"55667397478318779775218318655419813694",
"40285273992944341741454608899694859150",
"121400873625339409260913546196572036600"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/144f295d7aa66bae8556ba030553a49615eab0b2",
"deprecated": false,
"id": "ASB-A-205460459-66a87eb0",
"signature_type": "Line"
},
{
"target": {
"function": "onResume",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 244.0,
"function_hash": "158236566380373166559928339748576547146"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/144f295d7aa66bae8556ba030553a49615eab0b2",
"deprecated": false,
"id": "ASB-A-205460459-8392d31e",
"signature_type": "Function"
},
{
"target": {
"function": "onCreate",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 641.0,
"function_hash": "251843551499729755438027679969059996354"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/144f295d7aa66bae8556ba030553a49615eab0b2",
"deprecated": false,
"id": "ASB-A-205460459-ce648294",
"signature_type": "Function"
}
]
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"spl": "2023-06-01",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/dddd74a491a206178feb10d5ef983d5cd273504d",
"https://android.googlesource.com/platform/packages/apps/Settings/+/ac6b0bdef68e99e0a34656a2148483d7cb77159e"
],
"severity": "High",
"vanir_signatures": [
{
"target": {
"function": "onCreate",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 779.0,
"function_hash": "134236406536163048824416588806975961357"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dddd74a491a206178feb10d5ef983d5cd273504d",
"deprecated": false,
"id": "ASB-A-205460459-525d493f",
"signature_type": "Function"
},
{
"target": {
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"line_hashes": [
"336100995050413396604471046648600747849",
"233882185629320992900811583433312763653",
"169475600195102551663482568947621592996",
"138976026468197361305544239673336673748",
"65722198661626460178036131866155434626",
"146502439951923890752064417977749965207",
"10489224675326360169937944298108627188",
"320286596383278763278850603948381854077",
"39382189436603757696375603499394713214",
"160958246367428725531599932442622386403",
"263165266821543551694449496447563157168",
"315783981943385040222749311193035456925",
"130302758141056424715037336227520422018",
"263844474475902709715843794546083027205",
"269648731598388075701986185670181440561",
"144387863575053294813869966197099787824",
"307470470953315320748151102485094306132",
"128565645273646527655933501064344012106",
"36865207056263286051620466905085997709",
"55667397478318779775218318655419813694",
"40285273992944341741454608899694859150",
"121400873625339409260913546196572036600"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dddd74a491a206178feb10d5ef983d5cd273504d",
"deprecated": false,
"id": "ASB-A-205460459-55624690",
"signature_type": "Line"
},
{
"target": {
"function": "onResume",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 244.0,
"function_hash": "158236566380373166559928339748576547146"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/dddd74a491a206178feb10d5ef983d5cd273504d",
"deprecated": false,
"id": "ASB-A-205460459-af18bd9a",
"signature_type": "Function"
}
]
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"spl": "2023-06-01",
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/5935cae639adca89d6fa0a682669963ddeb1caa2",
"https://android.googlesource.com/platform/packages/apps/Settings/+/aedbfeb8b85eff1f28fcaaf71d0826f76f7afab7"
],
"severity": "High",
"vanir_signatures": [
{
"target": {
"function": "onCreate",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 641.0,
"function_hash": "251843551499729755438027679969059996354"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5935cae639adca89d6fa0a682669963ddeb1caa2",
"deprecated": false,
"id": "ASB-A-205460459-0d062f4d",
"signature_type": "Function"
},
{
"target": {
"function": "onResume",
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"length": 244.0,
"function_hash": "158236566380373166559928339748576547146"
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5935cae639adca89d6fa0a682669963ddeb1caa2",
"deprecated": false,
"id": "ASB-A-205460459-1884e8af",
"signature_type": "Function"
},
{
"target": {
"file": "src/com/android/settings/vpn2/AppManagementFragment.java"
},
"digest": {
"line_hashes": [
"336100995050413396604471046648600747849",
"233882185629320992900811583433312763653",
"169475600195102551663482568947621592996",
"138976026468197361305544239673336673748",
"65722198661626460178036131866155434626",
"146502439951923890752064417977749965207",
"10489224675326360169937944298108627188",
"320286596383278763278850603948381854077",
"39382189436603757696375603499394713214",
"160958246367428725531599932442622386403",
"263165266821543551694449496447563157168",
"315783981943385040222749311193035456925",
"312571804431002265272936749576775009138",
"104444946036314211310406435294382749482",
"124353133627749518534529019590134664639",
"144387863575053294813869966197099787824",
"307470470953315320748151102485094306132",
"128565645273646527655933501064344012106",
"36865207056263286051620466905085997709",
"55667397478318779775218318655419813694",
"40285273992944341741454608899694859150",
"121400873625339409260913546196572036600"
],
"threshold": 0.9
},
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5935cae639adca89d6fa0a682669963ddeb1caa2",
"deprecated": false,
"id": "ASB-A-205460459-57dd84d8",
"signature_type": "Line"
}
]
}