PUB-A-180419673

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-180419673.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-180419673
Aliases
  • A-180419673
  • CVE-2021-0539
Published
2021-06-01T00:00:00Z
Modified
2024-11-06T12:16:03.231308Z
Summary
[none]
Details

In archiveStoredConversation of MmsService.java, there is a possible way to archive message conversation without user consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/services/Mms

Package

Name
platform/packages/services/Mms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-06-01

Affected versions

Other

11

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "293613250987942263816303288157563540503",
                    "287124660630697584375849318651089324823",
                    "36946460191783365413945840267393125669",
                    "274447771839312378753502653407167139317",
                    "129291971431529604219013176637066015518",
                    "240949878323705658310411750882175041252",
                    "70801864732567594003963611904526830257",
                    "325710945528148596877556527566916886115"
                ]
            },
            "id": "PUB-A-180419673-bcfc8c04",
            "source": "https://android.googlesource.com/platform/packages/services/Mms/+/fc9b30346633e275faa7b44734c1718280407d5f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/mms/service/MmsService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 308.0,
                "function_hash": "83129940140774098393147415840015853450"
            },
            "id": "PUB-A-180419673-eeb9a025",
            "source": "https://android.googlesource.com/platform/packages/services/Mms/+/fc9b30346633e275faa7b44734c1718280407d5f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/mms/service/MmsService.java",
                "function": "archiveStoredConversation"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Mms/+/fc9b30346633e275faa7b44734c1718280407d5f"
    ],
    "spl": "2021-06-01",
    "severity": "Moderate",
    "types": [
        "EoP"
    ]
}