PUB-A-201535148
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-201535148.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-201535148
- Aliases
-
- A-201535148
- CVE-2022-20196
- Published
- 2022-06-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In gallery3d and photos, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Gallery2
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 883.0,
"function_hash": "179681300963211884690056854096109177439"
},
"id": "PUB-A-201535148-0408e7fe",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "updateActionItemVisibilities"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 683.0,
"function_hash": "184387040173152115022342393261607881443"
},
"id": "PUB-A-201535148-07af6257",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java",
"function": "getSupportedOperations"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1097.0,
"function_hash": "335011826790043392630544543866283663031"
},
"id": "PUB-A-201535148-2b1036c0",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "singleItemAction"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1306.0,
"function_hash": "41913397070175780202437061129792075600"
},
"id": "PUB-A-201535148-3713441c",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java",
"function": "onMenuClicked"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"272018259021943783205849101147608568733",
"137581051104587709188855779283222203108",
"338794538615841014784270552832882576755",
"80863795701381455483949491168699941711"
]
},
"id": "PUB-A-201535148-3cdf8772",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/filtershow/crop/CropExtras.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 47.0,
"function_hash": "326614150324117000539187597533491653795"
},
"id": "PUB-A-201535148-5238fabc",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/filtershow/crop/CropExtras.java",
"function": "getSetAsWallpaper"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1476.0,
"function_hash": "296747417119701921630196183976897207130"
},
"id": "PUB-A-201535148-5c9ed1fc",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java",
"function": "updateMenuOperation"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 502.0,
"function_hash": "88770189073130505689489628266389993757"
},
"id": "PUB-A-201535148-9ea0b634",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "onActionItemClicked"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1539.0,
"function_hash": "31529863024041711136088590505432417332"
},
"id": "PUB-A-201535148-a5b34fc4",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/Wallpaper.java",
"function": "onResume"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"287763971711858840098279022214630876988",
"187988274275283550147830497290301420441",
"201522223309010860651893908295667489615",
"121954893617204765319326971000648226862",
"249640372737757808846403484065354954821",
"183769391861600464599496911412101346122",
"262036402309424011414910616115479701656",
"256683422540964159539606735054655957184",
"243957678430995573566925527953747398962",
"148286491930507001382827749632563190930",
"3606904002022886931448748019589180581",
"269469012310099494097450128701817986919",
"31164928444746970187876121022249206657",
"296375168345528532492996563526397360584",
"43080184678014704929720041943995998925",
"313914771089130725522197459165058449628",
"109959396567554365597966938030984504897",
"229518798119626208676306537033084975504",
"40834759440703385597187735909600018446",
"241725881171290840478619643200614649750",
"292461756493065011169907122949177552354",
"248506109080575602118150501373756955912",
"214121499551973233281404391975184302607"
]
},
"id": "PUB-A-201535148-baac45bd",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 2387.0,
"function_hash": "66694820858705258142543906607286954067"
},
"id": "PUB-A-201535148-cabceaf2",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/PhotoPage.java",
"function": "onItemSelected"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"233679669455163180458030757234993939373",
"70056024488384320867007010422669630648",
"243746658011635173107285039142075651991",
"238244001096546311531779717624087118393"
]
},
"id": "PUB-A-201535148-d0b06bfa",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/Wallpaper.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"208673660295514683132692648017397944953",
"24713391475014316976081674721436852615",
"219965225015347593613601824453551054076",
"130482664255764128077107670642087959200",
"219554274769602169267509696708206331840",
"292930793279240040612263451674494107236",
"220466905632410632604949305232363880686",
"36674523091403191071595003439103495433",
"43418378897529182851012265393080377056",
"213097997382651313558684976144026383149",
"251182660361597744502577074312175136311",
"93090113854154495696553465909703588788"
]
},
"id": "PUB-A-201535148-d286dad9",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"279284354312107074129456476700958771317",
"16501995534669389089472062382269442370",
"194345204458721792808215576498277161544",
"247732857133338579513760730270025858434",
"11980613438868346606334324488621405166",
"64990868813736873776463816795653820102",
"223058199112326144169930372802264350807",
"260832227887862968083595589139864507451",
"178721538254165060881116959579052624134",
"169198294328947212607600825826149835216",
"268528517353140598909951205710051127885",
"236777254992167792333903165531972326835",
"318893575094053491345868569448706827410",
"302252561123043977982669401659564012299",
"133631319513995126936760864433233787585",
"311032956931086933920416908866448764390",
"40237509832839309742732852226651313165",
"283232841551118526899684000439227304286",
"75675672912105331042870912728446487883",
"220898095745319484895200771805050271496"
]
},
"id": "PUB-A-201535148-d9b2366b",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"124121812550960019558153676448282905593",
"304360074345030846887980361974022487906",
"130498359058527096788693341429213991671",
"293444533696919588124636516215613772621"
]
},
"id": "PUB-A-201535148-df942440",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/PhotoPage.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 2020.0,
"function_hash": "68048970771639542270417442158916044187"
},
"id": "PUB-A-201535148-f6df10b5",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java",
"function": "onItemSelectedStateChanged"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Gallery2/+/35ab9cd99173079886c3cd636b0606f55fefd846"
],
"spl": "2022-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}
Android / platform/packages/apps/Gallery2
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 502.0,
"function_hash": "88770189073130505689489628266389993757"
},
"id": "PUB-A-201535148-074bb6e0",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "onActionItemClicked"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"279284354312107074129456476700958771317",
"16501995534669389089472062382269442370",
"194345204458721792808215576498277161544",
"247732857133338579513760730270025858434",
"11980613438868346606334324488621405166",
"64990868813736873776463816795653820102",
"223058199112326144169930372802264350807",
"260832227887862968083595589139864507451",
"178721538254165060881116959579052624134",
"169198294328947212607600825826149835216",
"268528517353140598909951205710051127885",
"236777254992167792333903165531972326835",
"318893575094053491345868569448706827410",
"302252561123043977982669401659564012299",
"133631319513995126936760864433233787585",
"311032956931086933920416908866448764390",
"40237509832839309742732852226651313165",
"283232841551118526899684000439227304286",
"75675672912105331042870912728446487883",
"220898095745319484895200771805050271496"
]
},
"id": "PUB-A-201535148-1830fa04",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 2020.0,
"function_hash": "68048970771639542270417442158916044187"
},
"id": "PUB-A-201535148-1aa19f18",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java",
"function": "onItemSelectedStateChanged"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"287763971711858840098279022214630876988",
"187988274275283550147830497290301420441",
"201522223309010860651893908295667489615",
"121954893617204765319326971000648226862",
"249640372737757808846403484065354954821",
"183769391861600464599496911412101346122",
"262036402309424011414910616115479701656",
"256683422540964159539606735054655957184",
"243957678430995573566925527953747398962",
"148286491930507001382827749632563190930",
"3606904002022886931448748019589180581",
"269469012310099494097450128701817986919",
"31164928444746970187876121022249206657",
"296375168345528532492996563526397360584",
"43080184678014704929720041943995998925",
"313914771089130725522197459165058449628",
"109959396567554365597966938030984504897",
"229518798119626208676306537033084975504",
"40834759440703385597187735909600018446",
"241725881171290840478619643200614649750",
"292461756493065011169907122949177552354",
"248506109080575602118150501373756955912",
"214121499551973233281404391975184302607"
]
},
"id": "PUB-A-201535148-2032651f",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"233679669455163180458030757234993939373",
"70056024488384320867007010422669630648",
"243746658011635173107285039142075651991",
"238244001096546311531779717624087118393"
]
},
"id": "PUB-A-201535148-3091f466",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/Wallpaper.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"272018259021943783205849101147608568733",
"137581051104587709188855779283222203108",
"338794538615841014784270552832882576755",
"80863795701381455483949491168699941711"
]
},
"id": "PUB-A-201535148-4b141a98",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/filtershow/crop/CropExtras.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1306.0,
"function_hash": "41913397070175780202437061129792075600"
},
"id": "PUB-A-201535148-6bd2bd8c",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java",
"function": "onMenuClicked"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1097.0,
"function_hash": "335011826790043392630544543866283663031"
},
"id": "PUB-A-201535148-74265526",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "singleItemAction"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1476.0,
"function_hash": "296747417119701921630196183976897207130"
},
"id": "PUB-A-201535148-8d3e94d8",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/ui/MenuExecutor.java",
"function": "updateMenuOperation"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"124121812550960019558153676448282905593",
"304360074345030846887980361974022487906",
"130498359058527096788693341429213991671",
"293444533696919588124636516215613772621"
]
},
"id": "PUB-A-201535148-91897955",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/PhotoPage.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"208673660295514683132692648017397944953",
"24713391475014316976081674721436852615",
"219965225015347593613601824453551054076",
"130482664255764128077107670642087959200",
"219554274769602169267509696708206331840",
"292930793279240040612263451674494107236",
"220466905632410632604949305232363880686",
"36674523091403191071595003439103495433",
"43418378897529182851012265393080377056",
"213097997382651313558684976144026383149",
"251182660361597744502577074312175136311",
"93090113854154495696553465909703588788"
]
},
"id": "PUB-A-201535148-982bfcc7",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 883.0,
"function_hash": "179681300963211884690056854096109177439"
},
"id": "PUB-A-201535148-bdb90633",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/MultiChoiceManager.java",
"function": "updateActionItemVisibilities"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1539.0,
"function_hash": "31529863024041711136088590505432417332"
},
"id": "PUB-A-201535148-da218cc5",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/Wallpaper.java",
"function": "onResume"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 683.0,
"function_hash": "184387040173152115022342393261607881443"
},
"id": "PUB-A-201535148-f4822b42",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/photos/SelectionManager.java",
"function": "getSupportedOperations"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 47.0,
"function_hash": "326614150324117000539187597533491653795"
},
"id": "PUB-A-201535148-f685ae1e",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/filtershow/crop/CropExtras.java",
"function": "getSetAsWallpaper"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 2387.0,
"function_hash": "66694820858705258142543906607286954067"
},
"id": "PUB-A-201535148-f94382a5",
"source": "https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/gallery3d/app/PhotoPage.java",
"function": "onItemSelected"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Gallery2/+/0bd4d095a726eb491c51aaa2d66021786c1d331a"
],
"spl": "2022-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}