PUB-A-212434116
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-212434116.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-212434116
- Aliases
-
- A-212434116
- CVE-2022-20193
- Published
- 2022-06-01T00:00:00Z
- Modified
- 2025-11-12T16:31:56.883595Z
- Summary
- [none]
- Details
-
In getUniqueUsagesWithLabels of PermissionUsageHelper.java, there is a possible incorrect permission attribution due to a logic error in the code. This could lead to local escalation of privilege by conflating apps with User execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/33c3c1a629f378d9f564fe3b5ce92c1fbdf4e28f"
],
"spl": "2022-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "getUniqueUsagesWithLabels",
"file": "core/java/android/permission/PermissionUsageHelper.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/33c3c1a629f378d9f564fe3b5ce92c1fbdf4e28f",
"digest": {
"function_hash": "202460318370882312398719118852787030654",
"length": 3487.0
},
"signature_type": "Function",
"id": "PUB-A-212434116-0bb47160"
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/33c3c1a629f378d9f564fe3b5ce92c1fbdf4e28f",
"deprecated": false,
"match_only_versions": [
"12L-next"
],
"id": "PUB-A-212434116-5a01f05a",
"signature_version": "v1",
"digest": {
"line_hashes": [
"3533908359882412590222118179923081064",
"24849968050747341306802915852391228762",
"110832373331595627386576120745340321095",
"279847583134339479414533799413649277636",
"317819650236557940462460722677636556510",
"169497498475065645660246597026721601557",
"311174132892158292686844851597423830539",
"113896931314091776928993261241871442329",
"237365607883393552066754755851109054926",
"185862501468530873479866666924445100097",
"105780168140607630644460332436321825920",
"170628414875915749426568573189170812934",
"46725452209489335369444446772736972892",
"243832910501085250156630926587225039942",
"132259659831429190872734385182404329543",
"292393193795615021931459732645256195856",
"155223141672807255291055395376459510284",
"196599768181248607286694303486516526694",
"239367631349933013588072332503298127812",
"221011059394082759035715937460830546733"
],
"threshold": 0.9
},
"signature_type": "Line",
"target": {
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/33c3c1a629f378d9f564fe3b5ce92c1fbdf4e28f",
"deprecated": false,
"match_only_versions": [
"12L-next"
],
"id": "PUB-A-212434116-c7544d08",
"signature_version": "v1",
"digest": {
"function_hash": "162046680605381155922134649847986454586",
"length": 1564.0
},
"signature_type": "Function",
"target": {
"function": "getOpUsageData",
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
}
],
"severity": "Moderate"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224"
],
"spl": "2022-06-01",
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224",
"deprecated": false,
"match_only_versions": [
"12L"
],
"id": "PUB-A-212434116-1174e256",
"signature_version": "v1",
"digest": {
"function_hash": "188656628399626464223487661189991557763",
"length": 3447.0
},
"signature_type": "Function",
"target": {
"function": "getUniqueUsagesWithLabels",
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224",
"deprecated": false,
"match_only_versions": [
"12L"
],
"id": "PUB-A-212434116-506eb115",
"signature_version": "v1",
"digest": {
"function_hash": "162046680605381155922134649847986454586",
"length": 1564.0
},
"signature_type": "Function",
"target": {
"function": "getOpUsageData",
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224",
"deprecated": false,
"match_only_versions": [
"12L"
],
"id": "PUB-A-212434116-50f07726",
"signature_version": "v1",
"digest": {
"line_hashes": [
"135587928143888776864514484198878421663",
"25583750520943956187399577955052766120",
"75333076767877731425046579915282515136",
"25140429892807752105713993636157743633",
"272638399866768747111431453099965192576",
"11336910902242431232203116119788083399",
"149561829418398438394064779545214540595",
"195223094919692073328651432991676468176",
"245954922514922800215371788815971486885",
"39596514292793835966217140556253862419",
"63354525651726791143011049666271945452",
"31918435844228006172996357713462133191",
"111339308574641061717826581564714239557",
"198602500653456806042893313280946018487",
"75407180318704451699303769443305508093",
"133821499640722557342489300525099521630",
"68323458315629293748775741994160718864",
"72823717686591627177952190568365727135",
"177139500828529983362893639229637849812",
"250215408980727935869150240411915695858",
"254459730855200808164668539356704048744",
"239858328523763450463976317236460703583",
"127464906641142906608790912058844296424",
"214537968681143213920306093821581684040",
"3533908359882412590222118179923081064",
"24849968050747341306802915852391228762",
"110832373331595627386576120745340321095",
"279847583134339479414533799413649277636",
"317819650236557940462460722677636556510",
"169497498475065645660246597026721601557",
"311174132892158292686844851597423830539",
"113896931314091776928993261241871442329",
"237365607883393552066754755851109054926",
"185862501468530873479866666924445100097",
"105780168140607630644460332436321825920",
"170628414875915749426568573189170812934",
"46725452209489335369444446772736972892",
"243832910501085250156630926587225039942",
"132259659831429190872734385182404329543",
"292393193795615021931459732645256195856",
"65710651372293136824364926683085261545",
"247976142422682683934619609540783332723",
"223894713851583494857985805282571200598",
"87998966540398972829476729684576980994",
"326702361222243110872534816155553240022",
"296476836091854705850479732605379460360",
"155223141672807255291055395376459510284",
"196599768181248607286694303486516526694",
"239367631349933013588072332503298127812",
"221011059394082759035715937460830546733",
"152095331586361608785395409981460912629",
"1279905394815903965235433271932190660",
"189320922761932110697235871584305733475",
"82996073950765807025184855147246858247",
"248387069187618115776446480768112153219",
"107281217373284456766190192124603338373",
"3156755515822723166091456201554106739",
"72597159650407225193500389269461614054",
"309975311548163256399999012492968284263",
"134810133981278278584158537841032207234",
"303862770466248233441503958135207538305",
"290795754405363144851648517288442129041",
"299456503465831713072030208258951134258",
"278650274078099115032664660339392441713",
"224638875941393401717181056959827335678",
"24052968078204499219415787177092009308",
"147134325787712170384620063951939575749",
"136472979348430948593086044617914465154",
"329579069046633169090664974302559201846",
"86672822403564984829354439394928130314",
"195775667530881327701511196013539644172",
"272042036149371258225208031301106705096",
"166729783718353363924201670414358626031"
],
"threshold": 0.9
},
"signature_type": "Line",
"target": {
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224",
"deprecated": false,
"match_only_versions": [
"12L"
],
"id": "PUB-A-212434116-a6b76afa",
"signature_version": "v1",
"digest": {
"function_hash": "114345130377172059268325321698173193264",
"length": 721.0
},
"signature_type": "Function",
"target": {
"function": "onOpActiveChanged",
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
},
{
"source": "https://android.googlesource.com/platform/frameworks/base/+/91abbb1669d36c14c84d9cf78537555656daa224",
"deprecated": false,
"match_only_versions": [
"12L"
],
"id": "PUB-A-212434116-dbb07d25",
"signature_version": "v1",
"digest": {
"function_hash": "231524995307544865627451862188604399587",
"length": 483.0
},
"signature_type": "Function",
"target": {
"function": "onOpStarted",
"file": "core/java/android/permission/PermissionUsageHelper.java"
}
}
],
"severity": "Moderate"
}