ASB-A-240936919
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-240936919.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-240936919
- Aliases
-
- A-240936919
- CVE-2022-20476
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"284205798504809724784272224468699701410",
"20350704382956903800339279784632990206",
"146345732816756121422852719691095437450",
"184278885357330085159587899033234060087"
],
"threshold": 0.9
},
"id": "ASB-A-240936919-6e964bac",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/4d13148a3fa5f6bc1b7038fae7d1f1adda163a9f",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 5168.0,
"function_hash": "252294874066412869649201823923762930482"
},
"id": "ASB-A-240936919-788b41ec",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/4d13148a3fa5f6bc1b7038fae7d1f1adda163a9f",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/4d13148a3fa5f6bc1b7038fae7d1f1adda163a9f"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"284205798504809724784272224468699701410",
"20350704382956903800339279784632990206",
"146345732816756121422852719691095437450",
"184278885357330085159587899033234060087"
],
"threshold": 0.9
},
"id": "ASB-A-240936919-b404943f",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e98f267592775a2b886ccaa752377d6967f9741",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 5491.0,
"function_hash": "174031766736513151646990418150496716107"
},
"id": "ASB-A-240936919-d913e6ba",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e98f267592775a2b886ccaa752377d6967f9741",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/5e98f267592775a2b886ccaa752377d6967f9741"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"284205798504809724784272224468699701410",
"20350704382956903800339279784632990206",
"146345732816756121422852719691095437450",
"184278885357330085159587899033234060087"
],
"threshold": 0.9
},
"id": "ASB-A-240936919-d263f746",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/24473590373902db492de502c7c557ef5ead485f",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 5544.0,
"function_hash": "79190887609884969770196094422135686638"
},
"id": "ASB-A-240936919-dc9c9b2f",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/24473590373902db492de502c7c557ef5ead485f",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/24473590373902db492de502c7c557ef5ead485f"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"284205798504809724784272224468699701410",
"20350704382956903800339279784632990206",
"146345732816756121422852719691095437450",
"184278885357330085159587899033234060087"
],
"threshold": 0.9
},
"id": "ASB-A-240936919-08a9bc01",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/006bb7107e7a88df7dfb6049f97bae57ac78b364",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 5544.0,
"function_hash": "79190887609884969770196094422135686638"
},
"id": "ASB-A-240936919-32904867",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/006bb7107e7a88df7dfb6049f97bae57ac78b364",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "setEnabledSetting"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/006bb7107e7a88df7dfb6049f97bae57ac78b364"
]
}