PUB-A-176756691
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-176756691.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-176756691
- Aliases
-
- A-176756691
- CVE-2021-0536
- Published
- 2021-06-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/CertInstaller
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1158.0,
"function_hash": "217356404813949619192597016952761966644"
},
"id": "PUB-A-176756691-0ff8c12c",
"source": "https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/certinstaller/WiFiInstaller.java",
"function": "onClick"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"50884962869614138736932429704867604640",
"110593511323198659955124285766390407898",
"277017593897858298501438162745831353790",
"28914999815257171562187877444059598245",
"300724692283570300959613447913914763412",
"249615175997684530577499538551395100744",
"325316964057662013535318730941371968015",
"157683948721163247911509074399803859303",
"113995312874588763968216755550988293515",
"285489144737406926788648397144622868652",
"75934963529806651734131451107994508836",
"113850337314581330153067122794552763517",
"205746171712783766711487956569040371092",
"105429424590447603293585786452890792556",
"109292298579708698101280741263387804456",
"168105292376293842380796371687750511439",
"66416544799714965963344419439922581178",
"195663666451109428123050429269860455601",
"163927171177882088663138154594370213000",
"35951252584294079639361290437444525297",
"121841287610310181697730947541895549506",
"62004359281163191929215155141062187313",
"325274727477639117123931452821196902177",
"298594492613526982516091701526939442872",
"22349764243196092161644316995305225773",
"334170073999241321161777757428487986967",
"213345543987195138279948199236563888033",
"30601449319213005644965748514748184568",
"18018516333635154065722059856404442197",
"125815783470666222251918119255572659184",
"158161435784027807284508661826910952778",
"56747962248170870257967867155141748651",
"126267276994991685681610272992841727527",
"223803257894458153046301940958085187491",
"6743122218507572728271124840639386142",
"243880150681672439382222660116883025369",
"125815136868875500919557391255249570954",
"1154105561246331928501216441417853678",
"211687292738631491698869049571664967974",
"130408382069926554371706830419755768947",
"86398477381419362780007935883518814181",
"304450820676327076831346339499840956751",
"216893408362943177202762008607558107889",
"183751773563818110791789117596091578755",
"181425343311949278082781996084193554648",
"58023314560031203343795860658100766388",
"314804132999357876994560547224183142179",
"168181709376296857307641552877873779477",
"197572627277844675623593665117133172144",
"127789459640995924136265642285808032843",
"134746647416465818254803885961153710086",
"324478295113550591524123847874641096178",
"246153942464329937098884859507590020672",
"156620395127848467318029874151521519136",
"47207791686508897801744191652235640138"
]
},
"id": "PUB-A-176756691-44679434",
"source": "https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/certinstaller/WiFiInstaller.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 737.0,
"function_hash": "203260181679921286245243708838292581669"
},
"id": "PUB-A-176756691-6ba53792",
"source": "https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/certinstaller/WiFiInstaller.java",
"function": "run"
},
"signature_type": "Function"
},
{
"digest": {
"length": 903.0,
"function_hash": "149512918836258587134286066261101636141"
},
"id": "PUB-A-176756691-cde00719",
"source": "https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/certinstaller/WiFiInstaller.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2411.0,
"function_hash": "231043761990921581651513874173068478550"
},
"id": "PUB-A-176756691-f56210f3",
"source": "https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/certinstaller/WiFiInstaller.java",
"function": "createMainDialog"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/CertInstaller/+/2e6f670e6fd6ffa6065280e057b4a68dbc68a44e"
],
"spl": "2021-06-01",
"severity": "Moderate",
"types": [
"EoP"
]
}