ASB-A-299931076

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-299931076.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-299931076
Aliases
  • A-299931076
  • CVE-2024-31332
Published
2024-07-01T00:00:00Z
Modified
2024-08-07T19:29:42.149975Z
Summary
Connect to an untrusted Wi-Fi network through WifiDppConfiguratorActivity (no_add_wifi_config)
Details

In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2024-07-01

Affected versions

Other

13

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "13"
            ],
            "digest": {
                "length": 63.0,
                "function_hash": "97638338110788014445327403786247247325"
            },
            "id": "ASB-A-299931076-409c8a63",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/AddNetworkFragment.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "13"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "284409016661277852249055862271468968191",
                    "88343878351731781467530812455841524601",
                    "268410833658765093990161559055301838959",
                    "196404895235203806792852603024638757159",
                    "145619341685230890904485357133784252748",
                    "12739285103991228539654874115911569765",
                    "97728168410840271744904920456774192143",
                    "88217963427347387323026523374435631321",
                    "286508034715687416815902777443473931615",
                    "186285230940539118283170771124585596401",
                    "117912478661568436969772186781300374658",
                    "214963514847342390912577093768032467777",
                    "286507731333821125958766463084935498760",
                    "187090161818788161472812566479284379283",
                    "139897086758789540371648451576876444314",
                    "149632712310068680959323103405220691226",
                    "220884027888050459794073188008898298494",
                    "67285741456772442012070940876174401461"
                ]
            },
            "id": "ASB-A-299931076-5c3a70a0",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "13"
            ],
            "digest": {
                "length": 776.0,
                "function_hash": "17362057474275922495040886120710217654"
            },
            "id": "ASB-A-299931076-a061204e",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java",
                "function": "handleIntent"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "13"
            ],
            "digest": {
                "length": 631.0,
                "function_hash": "208983708731606420486982604042148062073"
            },
            "id": "ASB-A-299931076-f34f2257",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "13"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "10509911422868037607689948197095674656",
                    "116648315962777693127588162925041051531",
                    "265780223360724538472210692820091357956",
                    "46206442751633831112198887790885712518",
                    "55239832875740952416782743791637037911",
                    "168129780948516614537955807827889224141",
                    "270852366974585344496618788762017553735",
                    "280007151046524487732134013183771466002",
                    "271594426645886071427240208596184232601",
                    "27928393706583974309637298227909850475",
                    "99924221807766165413294172692168533550",
                    "286380626706115867740742094729538670325",
                    "271418332901160492157674341486227930175",
                    "22138272896828409624353445635832686731",
                    "25191830760548747023037814163737340306",
                    "124475094670412502057680597792910080246"
                ]
            },
            "id": "ASB-A-299931076-fbec2d26",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/AddNetworkFragment.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/254ba087c29503e8bcf01cc10082c3f393e7701f"
    ],
    "spl": "2024-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2024-07-01

Affected versions

Other

14

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "14"
            ],
            "digest": {
                "length": 63.0,
                "function_hash": "97638338110788014445327403786247247325"
            },
            "id": "ASB-A-299931076-4aa963e7",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/AddNetworkFragment.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "14"
            ],
            "digest": {
                "length": 989.0,
                "function_hash": "17407929729425482389188389989272702638"
            },
            "id": "ASB-A-299931076-5031d72a",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java",
                "function": "handleIntent"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "14"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "10509911422868037607689948197095674656",
                    "116648315962777693127588162925041051531",
                    "30272441437586313817719963546279171476",
                    "207198554333295849580190201553543609521",
                    "76244283455237174777908388912340410407",
                    "257541821652130470790896371099542743960",
                    "168129780948516614537955807827889224141",
                    "270852366974585344496618788762017553735",
                    "280007151046524487732134013183771466002",
                    "271594426645886071427240208596184232601",
                    "27928393706583974309637298227909850475",
                    "99924221807766165413294172692168533550",
                    "286380626706115867740742094729538670325",
                    "271418332901160492157674341486227930175",
                    "22138272896828409624353445635832686731",
                    "25191830760548747023037814163737340306",
                    "124475094670412502057680597792910080246"
                ]
            },
            "id": "ASB-A-299931076-5b31150f",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/AddNetworkFragment.java"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "14"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "41339811822605871808033830550549831946",
                    "286508034715687416815902777443473931615",
                    "186285230940539118283170771124585596401",
                    "117912478661568436969772186781300374658",
                    "214963514847342390912577093768032467777",
                    "286507731333821125958766463084935498760",
                    "264581505185920893746794670847889551374",
                    "93313534388833706278338930322987963400",
                    "254980017244304084229259074563658890143",
                    "39984497540760544846944916603573097578",
                    "13292003060342391469665896966217466316"
                ]
            },
            "id": "ASB-A-299931076-623eea81",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "14"
            ],
            "digest": {
                "length": 631.0,
                "function_hash": "208983708731606420486982604042148062073"
            },
            "id": "ASB-A-299931076-80021e48",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/dpp/WifiDppConfiguratorActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/0ea027a71cc97ca07576fa4bdaff608eec326f78"
    ],
    "spl": "2024-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}