In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "spl": "2023-09-01", "severity": "High", "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428" ], "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "line_hashes": [ "110866618968501505513047877639112891999", "221764726489805107389971049563589762627", "278520023814604683377314502770623374671", "45428150385889769144377600164922333789" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-78ee6475" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/NfcService.java" }, "digest": { "line_hashes": [ "287829365925445715483659298781676756817", "93922054408343538861188962430576834619", "199062318457883682300576972194368110861" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-f00b2907" }, { "signature_version": "v1", "target": { "function": "onHostEmulationData", "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "length": 3419.0, "function_hash": "282346893729420854136991953993589179214" }, "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-f84a981c" } ], "types": [ "ID" ] }
{ "spl": "2023-09-01", "severity": "High", "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0" ], "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "line_hashes": [ "271055080462231680351012234498051702355", "111552660683889881621406641232615389006", "268906614407820728310099806307650203101", "296109978503100678768439480874051096449", "202336758225234101879251178291874369964" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-2b17aca5" }, { "signature_version": "v1", "target": { "function": "onHostEmulationData", "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "length": 2867.0, "function_hash": "38986059855720312268682811721479119787" }, "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-d608cf36" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/NfcService.java" }, "digest": { "line_hashes": [ "287829365925445715483659298781676756817", "93922054408343538861188962430576834619", "199062318457883682300576972194368110861" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-ee5c0865" } ], "types": [ "ID" ] }
{ "spl": "2023-09-01", "severity": "High", "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0" ], "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "src/com/android/nfc/NfcService.java" }, "digest": { "line_hashes": [ "287829365925445715483659298781676756817", "93922054408343538861188962430576834619", "199062318457883682300576972194368110861" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-24a45f01" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "line_hashes": [ "271055080462231680351012234498051702355", "111552660683889881621406641232615389006", "268906614407820728310099806307650203101", "296109978503100678768439480874051096449", "202336758225234101879251178291874369964" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-69c6ab67" }, { "signature_version": "v1", "target": { "function": "onHostEmulationData", "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "length": 2867.0, "function_hash": "38986059855720312268682811721479119787" }, "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0", "deprecated": false, "id": "ASB-A-268038643-9bd9d88f" } ], "types": [ "ID" ] }
{ "spl": "2023-09-01", "severity": "High", "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c" ], "vanir_signatures": [ { "signature_version": "v1", "target": { "function": "onHostEmulationData", "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "length": 3210.0, "function_hash": "339381844574271533070577803431177444728" }, "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c", "deprecated": false, "id": "ASB-A-268038643-0d9e4128" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "line_hashes": [ "110866618968501505513047877639112891999", "221764726489805107389971049563589762627", "278520023814604683377314502770623374671", "45428150385889769144377600164922333789" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c", "deprecated": false, "id": "ASB-A-268038643-366dfb0f" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/NfcService.java" }, "digest": { "line_hashes": [ "287829365925445715483659298781676756817", "93922054408343538861188962430576834619", "199062318457883682300576972194368110861" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c", "deprecated": false, "id": "ASB-A-268038643-36a40dd0" } ], "types": [ "ID" ] }
{ "spl": "2023-09-01", "severity": "High", "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428" ], "vanir_signatures": [ { "signature_version": "v1", "target": { "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "line_hashes": [ "110866618968501505513047877639112891999", "221764726489805107389971049563589762627", "278520023814604683377314502770623374671", "45428150385889769144377600164922333789" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-404d49c5" }, { "signature_version": "v1", "target": { "function": "onHostEmulationData", "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java" }, "digest": { "length": 3419.0, "function_hash": "282346893729420854136991953993589179214" }, "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-6c98d179" }, { "signature_version": "v1", "target": { "file": "src/com/android/nfc/NfcService.java" }, "digest": { "line_hashes": [ "287829365925445715483659298781676756817", "93922054408343538861188962430576834619", "199062318457883682300576972194368110861" ], "threshold": 0.9 }, "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428", "deprecated": false, "id": "ASB-A-268038643-9258a251" } ], "types": [ "ID" ] }