PUB-A-199291025

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-199291025.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-199291025
Aliases
  • A-199291025
  • CVE-2022-20199
Published
2022-12-01T00:00:00Z
Modified
2025-11-14T16:44:49.782125Z
Summary
[none]
Details

In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2022-12-01

Affected versions

Other

13

Ecosystem specific 

{
    "spl": "2022-12-01",
    "severity": "Moderate",
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "signature_version": "v1",
            "match_only_versions": [
                "13"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
            "id": "PUB-A-199291025-44cce820",
            "target": {
                "function": "writeToParcel",
                "file": "core/java/android/nfc/Tag.java"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "228910055993601006408260322859620944637",
                "length": 370.0
            }
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "match_only_versions": [
                "13"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
            "id": "PUB-A-199291025-97262f16",
            "target": {
                "function": "createMockTag",
                "file": "core/java/android/nfc/Tag.java"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "288723020152768491564380649144350048909",
                "length": 118.0
            }
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
            "id": "PUB-A-199291025-dca2ea42",
            "digest": {
                "function_hash": "75574334044654999722375080134215737420",
                "length": 580.0
            },
            "target": {
                "function": "Tag",
                "file": "core/java/android/nfc/Tag.java"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
            "id": "PUB-A-199291025-ea765a09",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "75826017547751689359906288168362579942",
                    "218527116716407971086642852943158250102",
                    "168973856225589253977743056777208036884",
                    "77664397105102708486060075419358990530",
                    "182984410729477010966957327964807341153",
                    "323442142402352807833211738361511593620",
                    "14230890380888711267068734516094417267",
                    "99978857895936601196390226402567242242",
                    "294977385888727288235993125817390763419",
                    "284428197266274806733641204587961138104",
                    "305539603822275182259890749827174269931",
                    "286680593721379623565878217012891940017",
                    "114368802226586988611255365192298393836",
                    "223568327603182081744540239294657759159",
                    "59354948975628462002757021145156754750",
                    "154240307618326874490742009582292101745",
                    "6910901055697159255487948666990816472",
                    "131437733495972663280168884723348349292",
                    "240304406951932134261273458694520227647",
                    "215163660421725850980893893775318416424",
                    "21349837310493117126040166714005202835",
                    "236806621672769295911957844034634935531",
                    "331569125504612200886347952316790333618",
                    "149677275950817840947015866169319328625",
                    "264150260384606759436473556392072091229",
                    "302617732986476537642293631698627257807",
                    "127356445551663730610616497521716897200",
                    "207250587054042085237725639590241848691",
                    "276515002543738886583886999955130096381",
                    "219338329744783372766580650341379728908",
                    "193151433893591041131213399771136660068",
                    "159000468233181969323071982923104345499",
                    "17936816468053447528909470558734576723",
                    "24864699734238265339186280638271997367",
                    "113535788353335294655919776510412195512",
                    "63451406828791622255079501367221115348",
                    "124005279753869197890700700493824251145",
                    "313243154114600911844918578063593828293",
                    "236436694619147011681659832242403348934",
                    "175725455213205374325889992049653201917",
                    "44489724610428113554830747374304792184",
                    "264084279298751113204370848310166624635",
                    "297008407134199780576098592359077813224"
                ]
            },
            "target": {
                "file": "core/java/android/nfc/Tag.java"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "match_only_versions": [
                "13"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/90d2c04d988ea90138042d85f861a40afb76f705",
            "id": "PUB-A-199291025-f49eae44",
            "target": {
                "function": "createFromParcel",
                "file": "core/java/android/nfc/Tag.java"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "76521651657170629098724294348020444917",
                "length": 435.0
            }
        }
    ],
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Nfc

Package

Name
platform/packages/apps/Nfc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2022-12-01

Affected versions

Other

13

Ecosystem specific 

{
    "spl": "2022-12-01",
    "severity": "Moderate",
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-29b75807",
            "digest": {
                "function_hash": "241957864946107177924050211226227948049",
                "length": 414.0
            },
            "target": {
                "function": "isTagUpToDate",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-56eb18f1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "236523874113583041612037156495058417607",
                    "9488410708926967528297828831063981115",
                    "102313942456620587616915930920412975166",
                    "61657713972363115416944545388946362841",
                    "280163816654132908160689489300927167101",
                    "83413471524456207431436907297918127318",
                    "123761355787093788788107621778646952328",
                    "100938034401585286732445768975819479935",
                    "55166014893749486199839083879400776909",
                    "282205312345036573292798731963903490709",
                    "13493842005396674158231940618027407630",
                    "82298270174857836712339419009099785932",
                    "54426169855663579600625513442344230922",
                    "5455810205884880170079918342370789756",
                    "209890855245644142408750351550481092805",
                    "63726227642034911877592959509258455839",
                    "67643091918787772748798126428556196967",
                    "156767400109015197780450476070099051318",
                    "79917195873948892076114199138337417861",
                    "231366692523760474396420296783379531015",
                    "219625356762333396589264977659135862336",
                    "115015776824194393489934728380613064946",
                    "196349865794227853190558059482642994508",
                    "134649837750060401370364226335323206385",
                    "161252698602001836511629478140097586069",
                    "240430294754099573504417334425450230976",
                    "201314074583121594954019470120538552262",
                    "88024182005648753404943803834649514663",
                    "244751902383636087561567831555676317386",
                    "314836917333237606222040667978667628509",
                    "131779842293869028489642512733011198779",
                    "62240256476214172782096195834385274737",
                    "276892610332312998257770312828240968811",
                    "306424791210059178714192220181281487489",
                    "182613300601691859572812876505917609569",
                    "278019377394303208318088765106675430727",
                    "19755597696100791961923540106327088078",
                    "180980963921137994197799217076665451369",
                    "262690208544084714063901795670828387087",
                    "334619906281342516176643149081653146878",
                    "321591634692931568652550452904615960078",
                    "308631845498502147212906414349756619276",
                    "130763100322956340752847333220678107880",
                    "63938213896158703243768757032788788490"
                ]
            },
            "target": {
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "match_only_versions": [
                "13"
            ],
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-5b3ddecd",
            "target": {
                "function": "rediscover",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "178183139950416214276513024474244395053",
                "length": 596.0
            }
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-5ca28282",
            "digest": {
                "function_hash": "225135728256752818609898632815053692446",
                "length": 2917.0
            },
            "target": {
                "function": "dispatchTagEndpoint",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-950bb74f",
            "digest": {
                "function_hash": "157350156200360997835188452343344244994",
                "length": 8575.0
            },
            "target": {
                "function": "handleMessage",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "deprecated": false,
            "signature_version": "v1",
            "match_only_versions": [
                "13"
            ],
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-cb5bde8e",
            "target": {
                "function": "onTagDisconnected",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "digest": {
                "function_hash": "95946657837689939603111401885012982257",
                "length": 55.0
            }
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/701f997db75412ae1360e2290c7aac68a5105f70",
            "id": "PUB-A-199291025-d3759684",
            "digest": {
                "function_hash": "42542488920067912225459150232632256623",
                "length": 184.0
            },
            "target": {
                "function": "setTagUpToDate",
                "file": "src/com/android/nfc/NfcService.java"
            },
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ],
    "types": [
        "ID"
    ]
}