ASB-A-239701237
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-239701237.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-239701237
- Aliases
-
- A-239701237
- CVE-2022-20449
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"60676264421018491029098267007649352048",
"96880129610797312730379785827976580551",
"8916979314763594955163789788798071519",
"190311535256337988751608138939726760505",
"17941578793664301904950243975030905922",
"197600117250010257420588618957093355606",
"53797310922398388453958968680970082509",
"17234656718489223855727244315471540302",
"4494566512991468182257035036658827013",
"308688002306591719534515716485546701452",
"292882381086839317005526967849453008923"
],
"threshold": 0.9
},
"id": "ASB-A-239701237-08a5238b",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 553.0,
"function_hash": "3665991346729794305463037127088892183"
},
"id": "ASB-A-239701237-8b04e4e2",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java",
"function": "setApplicationRestrictions"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"60676264421018491029098267007649352048",
"96880129610797312730379785827976580551",
"8916979314763594955163789788798071519",
"190311535256337988751608138939726760505",
"17941578793664301904950243975030905922",
"197600117250010257420588618957093355606",
"53797310922398388453958968680970082509",
"17234656718489223855727244315471540302",
"4494566512991468182257035036658827013",
"308688002306591719534515716485546701452",
"292882381086839317005526967849453008923"
],
"threshold": 0.9
},
"id": "ASB-A-239701237-5b74ef30",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 553.0,
"function_hash": "3665991346729794305463037127088892183"
},
"id": "ASB-A-239701237-feb6426a",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java",
"function": "setApplicationRestrictions"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/cfcfe6ca8c545f78603c05e23687f8638fd4b51d"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"8726669358009533754711768650652471102",
"297095608694449044964208227087478768880",
"328639330774714907100642728544503363204",
"17852590006241573587183847420349458720",
"180574211167961718387810598829512067092",
"270447186769324840768603429604711616687",
"291492784790979532703841348606774441797",
"17234656718489223855727244315471540302",
"4494566512991468182257035036658827013",
"100067285054918524368057218554415546387",
"211161732107471073183069677845043101530"
],
"threshold": 0.9
},
"id": "ASB-A-239701237-f2c58b61",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 634.0,
"function_hash": "23443127663564534087095444263018226139"
},
"id": "ASB-A-239701237-f3d19096",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java",
"function": "setApplicationRestrictions"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 634.0,
"function_hash": "23443127663564534087095444263018226139"
},
"id": "ASB-A-239701237-48c7650c",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java",
"function": "setApplicationRestrictions"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"8726669358009533754711768650652471102",
"297095608694449044964208227087478768880",
"328639330774714907100642728544503363204",
"17852590006241573587183847420349458720",
"180574211167961718387810598829512067092",
"270447186769324840768603429604711616687",
"291492784790979532703841348606774441797",
"17234656718489223855727244315471540302",
"4494566512991468182257035036658827013",
"100067285054918524368057218554415546387",
"211161732107471073183069677845043101530"
],
"threshold": 0.9
},
"id": "ASB-A-239701237-83f36119",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e",
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1b9b59c63bffc675a042cba6cd666831abef2c3e"
]
}