ASB-A-242996180
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-242996180.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-242996180
- Aliases
-
- A-242996180
- CVE-2022-20611
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39390702847566015400062155873899846122",
"246170490382414263325557191844605501684",
"260944426907168236295731190582074330076",
"121045809211728814988130041147452091831"
],
"threshold": 0.9
},
"id": "ASB-A-242996180-6ec9cdda",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2e42c393f2d5521d20acd9281d411a0fbc6196c3",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 3171.0,
"function_hash": "67763629278575921625377399606801959615"
},
"id": "ASB-A-242996180-977b42e9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2e42c393f2d5521d20acd9281d411a0fbc6196c3",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deletePackageVersioned"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2e42c393f2d5521d20acd9281d411a0fbc6196c3"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39390702847566015400062155873899846122",
"246170490382414263325557191844605501684",
"327818450646080164831342029377344346321",
"22063825501038404061765592845133788762"
],
"threshold": 0.9
},
"id": "ASB-A-242996180-0e29a94b",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/fcdc62081c934d35a55ff7e511590337cb4e277a",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 3223.0,
"function_hash": "326849271406198245851570886586795310718"
},
"id": "ASB-A-242996180-bbf8b2a6",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/fcdc62081c934d35a55ff7e511590337cb4e277a",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deletePackageVersionedInternal"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/fcdc62081c934d35a55ff7e511590337cb4e277a"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39390702847566015400062155873899846122",
"246170490382414263325557191844605501684",
"250239728540596199841413986287882900414",
"36545710774110723821234371419348385686"
],
"threshold": 0.9
},
"id": "ASB-A-242996180-33656dab",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/dba7ceb57ecdf9485bcfe8eb554510ccf9ad773c",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 3512.0,
"function_hash": "202255530113278639769155559530735938068"
},
"id": "ASB-A-242996180-ba061652",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/dba7ceb57ecdf9485bcfe8eb554510ccf9ad773c",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deletePackageVersionedInternal"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/dba7ceb57ecdf9485bcfe8eb554510ccf9ad773c"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 3512.0,
"function_hash": "202255530113278639769155559530735938068"
},
"id": "ASB-A-242996180-0b30ae2f",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cbda45eb956ec1f9105b45c5f995c1a15fba1c07",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "deletePackageVersionedInternal"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"39390702847566015400062155873899846122",
"246170490382414263325557191844605501684",
"250239728540596199841413986287882900414",
"36545710774110723821234371419348385686"
],
"threshold": 0.9
},
"id": "ASB-A-242996180-8ee52784",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/cbda45eb956ec1f9105b45c5f995c1a15fba1c07",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/cbda45eb956ec1f9105b45c5f995c1a15fba1c07"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"253720506657137965708815905571603292106",
"72459550445661020850003662771714924553",
"299946231570760129098164675720578506659"
],
"threshold": 0.9
},
"id": "ASB-A-242996180-584794b5",
"match_only_versions": [
"13"
],
"source": "https://android.googlesource.com/platform/frameworks/base/+/3ac6aa1e4daeb646bdb40813e988d1013d72150c",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/DeletePackageHelper.java"
},
"deprecated": true
},
{
"signature_type": "Function",
"digest": {
"length": 3684.0,
"function_hash": "51071305024780294137807663745819176638"
},
"id": "ASB-A-242996180-678072e1",
"signature_version": "v1",
"deprecated": true,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3ac6aa1e4daeb646bdb40813e988d1013d72150c",
"target": {
"file": "services/core/java/com/android/server/pm/DeletePackageHelper.java",
"function": "deletePackageVersionedInternal"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/3ac6aa1e4daeb646bdb40813e988d1013d72150c"
]
}