PUB-A-199291025
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-199291025.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-199291025
- Aliases
-
- A-199291025
- CVE-2022-20199
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13"
],
"digest": {
"length": 370.0,
"function_hash": "228910055993601006408260322859620944637"
},
"id": "PUB-A-199291025-44cce820",
"source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/nfc/Tag.java",
"function": "writeToParcel"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 118.0,
"function_hash": "288723020152768491564380649144350048909"
},
"id": "PUB-A-199291025-97262f16",
"source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/nfc/Tag.java",
"function": "createMockTag"
},
"signature_type": "Function"
},
{
"digest": {
"length": 580.0,
"function_hash": "75574334044654999722375080134215737420"
},
"id": "PUB-A-199291025-dca2ea42",
"source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/nfc/Tag.java",
"function": "Tag"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"75826017547751689359906288168362579942",
"218527116716407971086642852943158250102",
"168973856225589253977743056777208036884",
"77664397105102708486060075419358990530",
"182984410729477010966957327964807341153",
"323442142402352807833211738361511593620",
"14230890380888711267068734516094417267",
"99978857895936601196390226402567242242",
"294977385888727288235993125817390763419",
"284428197266274806733641204587961138104",
"305539603822275182259890749827174269931",
"286680593721379623565878217012891940017",
"114368802226586988611255365192298393836",
"223568327603182081744540239294657759159",
"59354948975628462002757021145156754750",
"154240307618326874490742009582292101745",
"6910901055697159255487948666990816472",
"131437733495972663280168884723348349292",
"240304406951932134261273458694520227647",
"215163660421725850980893893775318416424",
"21349837310493117126040166714005202835",
"236806621672769295911957844034634935531",
"331569125504612200886347952316790333618",
"149677275950817840947015866169319328625",
"264150260384606759436473556392072091229",
"302617732986476537642293631698627257807",
"127356445551663730610616497521716897200",
"207250587054042085237725639590241848691",
"276515002543738886583886999955130096381",
"219338329744783372766580650341379728908",
"193151433893591041131213399771136660068",
"159000468233181969323071982923104345499",
"17936816468053447528909470558734576723",
"24864699734238265339186280638271997367",
"113535788353335294655919776510412195512",
"63451406828791622255079501367221115348",
"124005279753869197890700700493824251145",
"313243154114600911844918578063593828293",
"236436694619147011681659832242403348934",
"175725455213205374325889992049653201917",
"44489724610428113554830747374304792184",
"264084279298751113204370848310166624635",
"297008407134199780576098592359077813224"
]
},
"id": "PUB-A-199291025-ea765a09",
"source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/nfc/Tag.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 435.0,
"function_hash": "76521651657170629098724294348020444917"
},
"id": "PUB-A-199291025-f49eae44",
"source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/nfc/Tag.java",
"function": "createFromParcel"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705"
],
"spl": "2022-12-01",
"severity": "Moderate",
"types": [
"ID"
]
}
Android / platform/packages/apps/Nfc
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 414.0,
"function_hash": "241957864946107177924050211226227948049"
},
"id": "PUB-A-199291025-29b75807",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "isTagUpToDate"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"236523874113583041612037156495058417607",
"9488410708926967528297828831063981115",
"102313942456620587616915930920412975166",
"61657713972363115416944545388946362841",
"280163816654132908160689489300927167101",
"83413471524456207431436907297918127318",
"123761355787093788788107621778646952328",
"100938034401585286732445768975819479935",
"55166014893749486199839083879400776909",
"282205312345036573292798731963903490709",
"13493842005396674158231940618027407630",
"82298270174857836712339419009099785932",
"54426169855663579600625513442344230922",
"5455810205884880170079918342370789756",
"209890855245644142408750351550481092805",
"63726227642034911877592959509258455839",
"67643091918787772748798126428556196967",
"156767400109015197780450476070099051318",
"79917195873948892076114199138337417861",
"231366692523760474396420296783379531015",
"219625356762333396589264977659135862336",
"115015776824194393489934728380613064946",
"196349865794227853190558059482642994508",
"134649837750060401370364226335323206385",
"161252698602001836511629478140097586069",
"240430294754099573504417334425450230976",
"201314074583121594954019470120538552262",
"88024182005648753404943803834649514663",
"244751902383636087561567831555676317386",
"314836917333237606222040667978667628509",
"131779842293869028489642512733011198779",
"62240256476214172782096195834385274737",
"276892610332312998257770312828240968811",
"306424791210059178714192220181281487489",
"182613300601691859572812876505917609569",
"278019377394303208318088765106675430727",
"19755597696100791961923540106327088078",
"180980963921137994197799217076665451369",
"262690208544084714063901795670828387087",
"334619906281342516176643149081653146878",
"321591634692931568652550452904615960078",
"308631845498502147212906414349756619276",
"130763100322956340752847333220678107880",
"63938213896158703243768757032788788490"
]
},
"id": "PUB-A-199291025-56eb18f1",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 596.0,
"function_hash": "178183139950416214276513024474244395053"
},
"id": "PUB-A-199291025-5b3ddecd",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "rediscover"
},
"signature_type": "Function"
},
{
"digest": {
"length": 2917.0,
"function_hash": "225135728256752818609898632815053692446"
},
"id": "PUB-A-199291025-5ca28282",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "dispatchTagEndpoint"
},
"signature_type": "Function"
},
{
"digest": {
"length": 8575.0,
"function_hash": "157350156200360997835188452343344244994"
},
"id": "PUB-A-199291025-950bb74f",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "handleMessage"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 55.0,
"function_hash": "95946657837689939603111401885012982257"
},
"id": "PUB-A-199291025-cb5bde8e",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "onTagDisconnected"
},
"signature_type": "Function"
},
{
"digest": {
"length": 184.0,
"function_hash": "42542488920067912225459150232632256623"
},
"id": "PUB-A-199291025-d3759684",
"source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/nfc/NfcService.java",
"function": "setTagUpToDate"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70"
],
"spl": "2022-12-01",
"severity": "Moderate",
"types": [
"ID"
]
}