ASB-A-233605527

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-233605527.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-233605527
Aliases
Published
2025-01-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2025-01-01

Affected versions

Other
15-next

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/f19514065f9807f579d3cbb45feee96184f36411"
    ],
    "spl": "2025-01-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/f19514065f9807f579d3cbb45feee96184f36411",
            "target": {
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "271386596174838460193387806319468664293",
                    "246810172530391874320035258365755324038",
                    "234733233448374129766506202653716240446",
                    "304319747724297934888211609965756361563",
                    "301521369216643593970466158097590294188",
                    "84717479905374598172268611885049970860",
                    "295415119472706017610704514205668575047",
                    "260913852173745355656013809836594692834"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-7bc0b080"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/f19514065f9807f579d3cbb45feee96184f36411",
            "target": {
                "function": "onCreateDialog",
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "99751798087559639081598668288973230162",
                "length": 1314.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-7de0e05e"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/f19514065f9807f579d3cbb45feee96184f36411",
            "target": {
                "function": "onCreate",
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "169336749586218159473139282774134854889",
                "length": 4243.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-b2cb59af"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/f19514065f9807f579d3cbb45feee96184f36411",
            "target": {
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "139897962216699736742181233425162167032",
                    "220590923285174547950214650603364643732",
                    "77262789827853445517462766554704932148"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-bd84f76c"
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2025-01-01

Affected versions

Other
12

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/2de5d72a3cd83be5adafd00bfef50850784c21c9"
    ],
    "spl": "2025-01-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/2de5d72a3cd83be5adafd00bfef50850784c21c9",
            "target": {
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "276381530802206527641111603323052654265",
                    "7995517934657804647775531674347883746",
                    "251527085332140698884099667620247418761",
                    "170028048836128503969773428803977617087",
                    "301521369216643593970466158097590294188",
                    "84717479905374598172268611885049970860",
                    "295415119472706017610704514205668575047",
                    "260913852173745355656013809836594692834"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-0a4657b4"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/2de5d72a3cd83be5adafd00bfef50850784c21c9",
            "target": {
                "function": "onCreateDialog",
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "99751798087559639081598668288973230162",
                "length": 1314.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-615cedc0"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/2de5d72a3cd83be5adafd00bfef50850784c21c9",
            "target": {
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "139897962216699736742181233425162167032",
                    "220590923285174547950214650603364643732",
                    "77262789827853445517462766554704932148"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-819591f4"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/2de5d72a3cd83be5adafd00bfef50850784c21c9",
            "target": {
                "function": "onCreate",
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "298408937990283233481199121595131026300",
                "length": 4127.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-ea35dca7"
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2025-01-01

Affected versions

Other
12L

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/14c45fc9056f9841e51533fda4805e8ee5cdce51"
    ],
    "spl": "2025-01-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/14c45fc9056f9841e51533fda4805e8ee5cdce51",
            "target": {
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "139897962216699736742181233425162167032",
                    "220590923285174547950214650603364643732",
                    "77262789827853445517462766554704932148"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-1a673a0e"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/14c45fc9056f9841e51533fda4805e8ee5cdce51",
            "target": {
                "function": "onCreateDialog",
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "99751798087559639081598668288973230162",
                "length": 1314.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-2e65bd43"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/14c45fc9056f9841e51533fda4805e8ee5cdce51",
            "target": {
                "function": "onCreate",
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "298408937990283233481199121595131026300",
                "length": 4127.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-5d281394"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/14c45fc9056f9841e51533fda4805e8ee5cdce51",
            "target": {
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "276381530802206527641111603323052654265",
                    "7995517934657804647775531674347883746",
                    "251527085332140698884099667620247418761",
                    "170028048836128503969773428803977617087",
                    "301521369216643593970466158097590294188",
                    "84717479905374598172268611885049970860",
                    "295415119472706017610704514205668575047",
                    "260913852173745355656013809836594692834"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-add44acb"
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-01-01

Affected versions

Other
15

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/5178a952e18ee66f1b3c14796708d0d60058a157"
    ],
    "spl": "2025-01-01",
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2025-01-01

Affected versions

Other
13

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c"
    ],
    "spl": "2025-01-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "140832134287710410728917235462454892895",
                    "69661308799903031711319181534987625419",
                    "36140893569871441780965343496012081278",
                    "212613829433508033093884891075251292156",
                    "139897962216699736742181233425162167032",
                    "220590923285174547950214650603364643732",
                    "77262789827853445517462766554704932148"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-195e02a4"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "function": "onCreate",
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "7399082904591817902057891077307787146",
                "length": 4028.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-38961b6b"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "271386596174838460193387806319468664293",
                    "246810172530391874320035258365755324038",
                    "234733233448374129766506202653716240446",
                    "304319747724297934888211609965756361563",
                    "301521369216643593970466158097590294188",
                    "84717479905374598172268611885049970860",
                    "295415119472706017610704514205668575047",
                    "260913852173745355656013809836594692834"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-4d7a7b44"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "function": "onCreateDialog",
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "99751798087559639081598668288973230162",
                "length": 1314.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-bb4d4a70"
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"
platform/packages/apps/DocumentsUI

Package

Name
platform/packages/apps/DocumentsUI

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2025-01-01

Affected versions

Other
14

Ecosystem specific 

{
    "severity": "High",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c"
    ],
    "spl": "2025-01-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "function": "onCreateDialog",
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "99751798087559639081598668288973230162",
                "length": 1314.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-0334497b"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "function": "onCreate",
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "7399082904591817902057891077307787146",
                "length": 4028.0
            },
            "signature_type": "Function",
            "id": "ASB-A-233605527-4d424a17"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "file": "src/com/android/documentsui/BaseActivity.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "140832134287710410728917235462454892895",
                    "69661308799903031711319181534987625419",
                    "36140893569871441780965343496012081278",
                    "212613829433508033093884891075251292156",
                    "139897962216699736742181233425162167032",
                    "220590923285174547950214650603364643732",
                    "77262789827853445517462766554704932148"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-771a40d2"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/DocumentsUI/+/0f5f4b53ad43b891cc04ef8bd059e28fba1cc44c",
            "target": {
                "file": "src/com/android/documentsui/picker/ConfirmFragment.java"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "271386596174838460193387806319468664293",
                    "246810172530391874320035258365755324038",
                    "234733233448374129766506202653716240446",
                    "304319747724297934888211609965756361563",
                    "301521369216643593970466158097590294188",
                    "84717479905374598172268611885049970860",
                    "295415119472706017610704514205668575047",
                    "260913852173745355656013809836594692834"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "ASB-A-233605527-a9cfcd31"
        }
    ],
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-233605527.json"