ASB-A-268038643

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-268038643.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-268038643
Aliases
  • A-268038643
  • CVE-2023-35671
Published
2023-09-01T00:00:00Z
Modified
2024-08-07T19:29:24.763583Z
Summary
[none]
Details

In onHostEmulationData of HostEmulationManager.java, there is a possible way for a general purpose NFC reader to read the full card number and expiry details when the device is in locked screen mode due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-09-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "110866618968501505513047877639112891999",
                    "221764726489805107389971049563589762627",
                    "278520023814604683377314502770623374671",
                    "45428150385889769144377600164922333789"
                ]
            },
            "id": "ASB-A-268038643-78ee6475",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "287829365925445715483659298781676756817",
                    "93922054408343538861188962430576834619",
                    "199062318457883682300576972194368110861"
                ]
            },
            "id": "ASB-A-268038643-f00b2907",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3419.0,
                "function_hash": "282346893729420854136991953993589179214"
            },
            "id": "ASB-A-268038643-f84a981c",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java",
                "function": "onHostEmulationData"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428"
    ],
    "spl": "2023-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-09-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271055080462231680351012234498051702355",
                    "111552660683889881621406641232615389006",
                    "268906614407820728310099806307650203101",
                    "296109978503100678768439480874051096449",
                    "202336758225234101879251178291874369964"
                ]
            },
            "id": "ASB-A-268038643-2b17aca5",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 2867.0,
                "function_hash": "38986059855720312268682811721479119787"
            },
            "id": "ASB-A-268038643-d608cf36",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java",
                "function": "onHostEmulationData"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "287829365925445715483659298781676756817",
                    "93922054408343538861188962430576834619",
                    "199062318457883682300576972194368110861"
                ]
            },
            "id": "ASB-A-268038643-ee5c0865",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0"
    ],
    "spl": "2023-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-09-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "287829365925445715483659298781676756817",
                    "93922054408343538861188962430576834619",
                    "199062318457883682300576972194368110861"
                ]
            },
            "id": "ASB-A-268038643-24a45f01",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271055080462231680351012234498051702355",
                    "111552660683889881621406641232615389006",
                    "268906614407820728310099806307650203101",
                    "296109978503100678768439480874051096449",
                    "202336758225234101879251178291874369964"
                ]
            },
            "id": "ASB-A-268038643-69c6ab67",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 2867.0,
                "function_hash": "38986059855720312268682811721479119787"
            },
            "id": "ASB-A-268038643-9bd9d88f",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java",
                "function": "onHostEmulationData"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/d6d8f79fd8d605b3cb460895a8e3a11bcf0c22b0"
    ],
    "spl": "2023-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-09-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 3210.0,
                "function_hash": "339381844574271533070577803431177444728"
            },
            "id": "ASB-A-268038643-0d9e4128",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java",
                "function": "onHostEmulationData"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "110866618968501505513047877639112891999",
                    "221764726489805107389971049563589762627",
                    "278520023814604683377314502770623374671",
                    "45428150385889769144377600164922333789"
                ]
            },
            "id": "ASB-A-268038643-366dfb0f",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "287829365925445715483659298781676756817",
                    "93922054408343538861188962430576834619",
                    "199062318457883682300576972194368110861"
                ]
            },
            "id": "ASB-A-268038643-36a40dd0",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/be02c1590cd11eb6c045bac7c30bd3ec8c22e80c"
    ],
    "spl": "2023-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-09-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "110866618968501505513047877639112891999",
                    "221764726489805107389971049563589762627",
                    "278520023814604683377314502770623374671",
                    "45428150385889769144377600164922333789"
                ]
            },
            "id": "ASB-A-268038643-404d49c5",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3419.0,
                "function_hash": "282346893729420854136991953993589179214"
            },
            "id": "ASB-A-268038643-6c98d179",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/cardemulation/HostEmulationManager.java",
                "function": "onHostEmulationData"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "287829365925445715483659298781676756817",
                    "93922054408343538861188962430576834619",
                    "199062318457883682300576972194368110861"
                ]
            },
            "id": "ASB-A-268038643-9258a251",
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/6cb53d963d376b97963120a4d2c7df961789e428"
    ],
    "spl": "2023-09-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}