PUB-A-191954233

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-191954233.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-191954233

Aliases

A-191954233
CVE-2021-0988

Published

2021-12-01T00:00:00Z

Modified

2026-05-15T15:01:37.959123Z

Summary

[none]

Details

In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2021-12-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/1d6bc4e1874ae4fbe2695d08464cc2b0f659f997",
            "digest": {
                "function_hash": "264603578110578977308773915630180438313",
                "length": 170.0
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityClientController.java",
                "function": "getLaunchedFromPackage"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-2851af7d"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/1d6bc4e1874ae4fbe2695d08464cc2b0f659f997",
            "digest": {
                "function_hash": "55536776578654624016144981176681338854",
                "length": 198.0
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityClientController.java",
                "function": "getLaunchedFromUid"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-4f57e2ab"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/1d6bc4e1874ae4fbe2695d08464cc2b0f659f997",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "174808922437240677627742803951708865820",
                    "91403675260202517997326574331789180340",
                    "104505683080756525383317262783599076547",
                    "200676763069383249658547365413262195501",
                    "80984503783502309787786049673550880056",
                    "318402902799698485461329540677182139309",
                    "240406913568824325809189223054481965184",
                    "140891950594240049632691008267011709869",
                    "313753903221639052457570773679952840647",
                    "157660133717960975700920736535171584904",
                    "111626024918874756711164654525579247876",
                    "338259431431763331576199413549624206353",
                    "143146395528801866658816138666432240617",
                    "259981170478718095876877519938940011577",
                    "77113707542957055727576013389438363923",
                    "150032992700180872538678797932959151004",
                    "33080956372133495114828098802514845222",
                    "166262659433666545654092006505689399677",
                    "39514825788708055998358346645583168845",
                    "251120741046466846427994609488412062336",
                    "130220749541560948158864948305238123525",
                    "197790123221419850924977968510345913397",
                    "301129931417725205060479837906148475343",
                    "286064385087170236546033835111873880475",
                    "149713084073254821689258379510616268940",
                    "315911703671184141190277540524306262002",
                    "27216449601433578156513282962170503066",
                    "157399221979240846057537294936248389197",
                    "285114824406338192301636784799044286996",
                    "317931236233952214730079017301386681360",
                    "317408155499675601352136806701692596398",
                    "198107751940972950360525920908809137304"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityClientController.java"
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-7abda2bb"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/bc817f1eff9889292bd2b3cad4d4eed56a9a4830",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "190435056261218728453316647817527383636",
                    "121777323344655602847224352711325139274",
                    "27685480651417845615032188213408336999",
                    "65054089820080445111750700446708625381",
                    "253177753223314235181697678471224405084",
                    "200952331430259642276838639158616341389"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityTaskSupervisor.java"
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-90dc6f61"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/bc817f1eff9889292bd2b3cad4d4eed56a9a4830",
            "digest": {
                "function_hash": "176950729361942540487474238663089108753",
                "length": 812.0
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityRecord.java",
                "function": "deliverNewIntentLocked"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-9372ab2f"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/bc817f1eff9889292bd2b3cad4d4eed56a9a4830",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "18866207012874881757920618410967321867",
                    "15319647225824101216585407272118790709",
                    "140075833828855772759590339287349760739",
                    "338378307837799580160120135395205141772",
                    "281092101559906700321422576934806442472",
                    "304688705216120957684217440319841903304",
                    "75348411922556477965778407956061857265"
                ]
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityRecord.java"
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-ecf42499"
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/bc817f1eff9889292bd2b3cad4d4eed56a9a4830",
            "digest": {
                "function_hash": "70756871042730078203506742408572370999",
                "length": 5094.0
            },
            "target": {
                "file": "services/core/java/com/android/server/wm/ActivityTaskSupervisor.java",
                "function": "realStartActivityLocked"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "deprecated": false,
            "id": "PUB-A-191954233-edba91ca"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/1d6bc4e1874ae4fbe2695d08464cc2b0f659f997",
        "https://android.googlesource.com/platform/frameworks/base/+/bc817f1eff9889292bd2b3cad4d4eed56a9a4830"
    ],
    "severity": "Moderate",
    "spl": "2021-12-01"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-191954233.json"