ASB-A-229793943
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-229793943.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-229793943
- Aliases
-
- A-229793943
- CVE-2022-20446
- Published
- 2022-11-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-11-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 345.0,
"function_hash": "268792081833298830603257468193885673443"
},
"id": "ASB-A-229793943-151184d9",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/VoiceInteractionService.java",
"function": "createAlwaysOnHotwordDetector"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39429120922972198039769161851563903144",
"304950215424159639588088796210239162319",
"57642196958783616466379264766939045864",
"60334943284025406376342977394125157395",
"296228706799292982907803889574622517196",
"203805057697325936155584747953553774042",
"8133263302634861355611963773430441834",
"20144300044472442296513035297518135922",
"130176514558918806152083455453960710763",
"65093502078892191955959796958331491968",
"33537364027611131541703298593840510511",
"127098640926403445488826403784410097840",
"151832990210662342220484884656486526965",
"8095637008444099761797145653665595392",
"308428658724877478203466980467177494144",
"157027092499714355110571361720986751702",
"15824715075697299905140779585916893921",
"179695989650876631991712152881802208719",
"286773877196749645231423464000591592960",
"186756668137126204243070899508891192209",
"221457834034628629866299955269269317175",
"36281802697082366426670928781953652586",
"178488359190798483900294763329980687690",
"48653496613556041111274170255486618035",
"13976730259860965856247133048222613436",
"7970470052891484227333512704102074361",
"12974091039369178675710623946723542848",
"96294922619740244301185886444154145657",
"29270376455032366522667763755489441970",
"20196236264471553709552736195331307437",
"233621658303085992823897883593113697349",
"195146928299530768606602707629795191444",
"295766841397103983367986761161725152328",
"231035214251319719830587864351657260461",
"779629645106547034772293086899090508",
"301433702036868720322766033796874068731",
"49624355514319690820746129819664554137",
"283770066080112878199243981070752693240",
"43087646627270497658598744043341937219"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-255f8828",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 259.0,
"function_hash": "192919914355958042483241079762620216395"
},
"id": "ASB-A-229793943-25bbb502",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "stopRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 802.0,
"function_hash": "106222795401219275711242485874643388852"
},
"id": "ASB-A-229793943-3884a7de",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "startRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 391.0,
"function_hash": "309122013809544488715615301484441877822"
},
"id": "ASB-A-229793943-6707f8ff",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "stopRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 475.0,
"function_hash": "209212899586811252712319966473640781068"
},
"id": "ASB-A-229793943-6d692344",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "internalGetInitialAvailability"
}
},
{
"signature_type": "Function",
"digest": {
"length": 217.0,
"function_hash": "304899824646000021907389210412498240030"
},
"id": "ASB-A-229793943-76a2963e",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "getDspModuleProperties"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"71850842956664155650407501270331963066",
"186057487005214590133014466041155756732",
"79244779593358975916961476030459684841",
"111091331210675167050311121788391967219"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-88861fc7",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/VoiceInteractionService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 443.0,
"function_hash": "263183374449922987837066702325598751573"
},
"id": "ASB-A-229793943-a8a58387",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "startRecognition"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"103665268779873828901717305872462452203",
"176038228102208840979227146243238134766",
"241516124482182919531028886553761451992",
"24969762068506326160961342198286487007",
"261944822222860686288861484427612421754",
"137786394222868463414079341245717815221",
"131869129459473334597385685526189025662",
"123591928327660673218321269807564497679",
"156661038651416837767410303045498640173",
"55840117949601117445307583655024185812",
"189154813020768443255903581507529284177",
"295336304350017095124074295089434270769",
"88730673901478514309017150748047786483",
"248797779783433515875543567000265980529",
"74944550283950425979889379478751673871"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-af4122ab",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 453.0,
"function_hash": "226945093887177471514695802275283137004"
},
"id": "ASB-A-229793943-c2b9c5ca",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "AlwaysOnHotwordDetector"
}
},
{
"signature_type": "Function",
"digest": {
"length": 340.0,
"function_hash": "180644587877536539582372726651525889003"
},
"id": "ASB-A-229793943-d3d90e99",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "onSoundModelsChanged"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/e4e77f45700bcbc56aa6d6ffc094e0e0ae78190a"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-11-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 199.0,
"function_hash": "121163304685669064801147153599401173943"
},
"id": "ASB-A-229793943-183aaa1f",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "getDspModuleProperties"
}
},
{
"signature_type": "Function",
"digest": {
"length": 144.0,
"function_hash": "75261566191425585188056694307240062170"
},
"id": "ASB-A-229793943-2200a90b",
"match_only_versions": [
"11"
],
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"signature_version": "v1",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "getSupportedAudioCapabilities"
},
"deprecated": true
},
{
"signature_type": "Function",
"digest": {
"length": 332.0,
"function_hash": "160596218525656894270415911529633157251"
},
"id": "ASB-A-229793943-2428a053",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/VoiceInteractionService.java",
"function": "createAlwaysOnHotwordDetector"
}
},
{
"signature_type": "Function",
"digest": {
"length": 325.0,
"function_hash": "251411570944482449770537259056503763098"
},
"id": "ASB-A-229793943-3b9733c8",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "setParameter"
}
},
{
"signature_type": "Function",
"digest": {
"length": 391.0,
"function_hash": "309122013809544488715615301484441877822"
},
"id": "ASB-A-229793943-3c273e48",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "stopRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 292.0,
"function_hash": "218087066791735831450394535137307342728"
},
"id": "ASB-A-229793943-40def9a0",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "queryParameter"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39429120922972198039769161851563903144",
"117890962540872620823203818321233744637",
"118415992287012760099097902506508925232",
"293087356082566798363745234050478847060",
"54150644513883517900145624334680268198",
"191754956005059456503966720902922643488",
"8133263302634861355611963773430441834",
"20144300044472442296513035297518135922",
"130176514558918806152083455453960710763",
"84043303120838937372012352086566273413",
"209040505048499201741824801988944347898",
"181269475831526145757641504029105210475",
"151832990210662342220484884656486526965",
"8095637008444099761797145653665595392",
"156960803996515009614616410198885984543",
"158248979936375384349290818324673943421",
"11511238941924046858154939196159495969",
"286773877196749645231423464000591592960",
"115100939880717158036513774413586161054",
"111940522371380421965869963742101527466",
"39913039416366101726715494019934010351",
"275236796086632068950982007994230457488",
"64667782517250038566513056047410945564",
"67848175416080239913387570286991526945",
"178488359190798483900294763329980687690",
"46357406777809237045124121212485436147",
"270146187345033499818523850464349144495",
"175217144884994071926622330513154372872",
"66817363122483711407669306843766938641",
"176959706660054070101783645027166812282",
"13976730259860965856247133048222613436",
"7970470052891484227333512704102074361",
"12974091039369178675710623946723542848",
"96294922619740244301185886444154145657",
"29270376455032366522667763755489441970",
"20196236264471553709552736195331307437",
"233621658303085992823897883593113697349",
"38928174972728894798780628785891760602",
"318020180769958064745181150720248022959",
"207054907524307960449038075257602413896",
"118493861930775334639814735406253004551",
"60594132601172219935231149376243329242",
"57477500921344994023246205012115392343",
"276363256189857807118275468513992784451",
"282312607648101469343700398972707739001",
"300970083969183107519365745290024735943",
"45916812174170777426318047399252274449",
"304157192807688088413053615528789121884",
"229557134002949299128076675913748315910",
"333880835429090839180744885059092721654",
"266455696464354231959567005244521123324",
"301433702036868720322766033796874068731",
"49624355514319690820746129819664554137",
"283770066080112878199243981070752693240",
"43087646627270497658598744043341937219"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-662a9ac7",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 327.0,
"function_hash": "129205427447181081647778101757515409278"
},
"id": "ASB-A-229793943-67ecf429",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "AlwaysOnHotwordDetector"
}
},
{
"signature_type": "Function",
"digest": {
"length": 443.0,
"function_hash": "263183374449922987837066702325598751573"
},
"id": "ASB-A-229793943-73a80c14",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "startRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 288.0,
"function_hash": "67504798280387632059188109663395131331"
},
"id": "ASB-A-229793943-7672e482",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "getParameter"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"71850842956664155650407501270331963066",
"23811837602777859803716522196686206152",
"218180269284275994672357611955584636558",
"259338822093399307637241271699964510020"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-77c945f5",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/VoiceInteractionService.java"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"55824939962680051179440163111295607849",
"276480800319649749443048588413509462470",
"74875233791813765017285193355724001969",
"286306047286077873288157880837551624768",
"223608018001954816028804605581661874543",
"53096620931555397110537196885405924502",
"34292642266004627072256145991639388958",
"224825319390532417462144722040111557303",
"275505201579371436989431831930085413345",
"218786043703238320221024953805976699080",
"243808722196243408854790390209296126983",
"315851049973466965960087411137577680596",
"166734037699511194776569826221094504040",
"3286713179502397198204931492514272067",
"307557744827734319397101083426308618540",
"163285364139514902005427702345691499014",
"291498217275191668737841181807132868230",
"138216753513874267857829048376397024126",
"70458956568163504524288979819039482756",
"70441278338043826199252656309406397615",
"251301715081416765391259814986586881929",
"198129955424184079481420337743264718533",
"322706825037750360624691711069340219668",
"200472649355358673497686473917751085933",
"120879771770049083017505929568406199284",
"17522803828384757346319709367550813825",
"291732220753007243050125945115427518046"
],
"threshold": 0.9
},
"id": "ASB-A-229793943-7c808f5e",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 275.0,
"function_hash": "218806517626778073723430364948979538760"
},
"id": "ASB-A-229793943-99884e62",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "setParameter"
}
},
{
"signature_type": "Function",
"digest": {
"length": 253.0,
"function_hash": "6388109976811691982819738453053202572"
},
"id": "ASB-A-229793943-a16b6b81",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "getParameter"
}
},
{
"signature_type": "Function",
"digest": {
"length": 239.0,
"function_hash": "325209012025704191590391678518182872170"
},
"id": "ASB-A-229793943-ac2aba41",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "stopRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 322.0,
"function_hash": "8830155571170381923029893228280576471"
},
"id": "ASB-A-229793943-c1076387",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "internalGetInitialAvailability"
}
},
{
"signature_type": "Function",
"digest": {
"length": 792.0,
"function_hash": "50816120120273683774063267458630200916"
},
"id": "ASB-A-229793943-db19e019",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "startRecognition"
}
},
{
"signature_type": "Function",
"digest": {
"length": 253.0,
"function_hash": "6388109976811691982819738453053202572"
},
"id": "ASB-A-229793943-e455eba4",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "services/voiceinteraction/java/com/android/server/voiceinteraction/VoiceInteractionManagerService.java",
"function": "queryParameter"
}
},
{
"signature_type": "Function",
"digest": {
"length": 345.0,
"function_hash": "56800311192390566272125734333754509010"
},
"id": "ASB-A-229793943-fb854068",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09",
"target": {
"file": "core/java/android/service/voice/AlwaysOnHotwordDetector.java",
"function": "onSoundModelsChanged"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/525690ce16c1c7a48b7880897a4349e2dda0ca09"
]
}