PUB-A-215212561
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-215212561.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-215212561
- Aliases
-
- A-215212561
- CVE-2022-20205
- Published
- 2022-06-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In isFileUri of FileUtil.java, there is a possible way to bypass the check for a file:// scheme due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Messaging
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"55151738822368162832341839954082388316",
"158532543148131802520662100669517338349",
"430341620960188749378931978653877775",
"257116361882594476370450298514782839007"
]
},
"id": "PUB-A-215212561-14b8f296",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/ImageUtils.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1153.0,
"function_hash": "328102028242482894970860856334176688375"
},
"id": "PUB-A-215212561-542b68f1",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/ImageUtils.java",
"function": "resizeGifImage"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 202.0,
"function_hash": "86737825198178567318258606714352033387"
},
"id": "PUB-A-215212561-7fcc2b73",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java",
"function": "isInPrivateDir"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 127.0,
"function_hash": "279445365553651897327282062363648628144"
},
"id": "PUB-A-215212561-971e8410",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java",
"function": "isFileUri"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"301304605707105986568318815528801431508",
"247194603926222060554680320145895243998",
"145901796073728064701950275761276492152",
"6369635545030450401114924997173265369",
"232426966261262354398890034281368853349",
"334385709999191821037257413146697906683",
"98211686701115947148831535440844800138",
"272619025638548499545829796009713234427",
"91950206126483064770472477229327269451"
]
},
"id": "PUB-A-215212561-b21c21a6",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/mmslib/pdu/PduPersister.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"278221800015042108510720358144854156099",
"96926762268128381353059792894218726378",
"133980779932545692079384517201769998087",
"165637699960546409601489629862874630445",
"52500540636834501652623066649234039648",
"338473651741458288321596832034434836563",
"221349403753932766943465425292837114063",
"251803775468755073494165601775336491475"
]
},
"id": "PUB-A-215212561-bccd8ddc",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L-next"
],
"digest": {
"length": 1122.0,
"function_hash": "129045183642100473667765870766515312170"
},
"id": "PUB-A-215212561-c1ef1f80",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/mmslib/pdu/PduPersister.java",
"function": "convertUriToPath"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Messaging/+/ebc64c5bae620cb67808935b0fb61cf2cfce4a9c"
],
"spl": "2022-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}
Android / platform/packages/apps/Messaging
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1122.0,
"function_hash": "129045183642100473667765870766515312170"
},
"id": "PUB-A-215212561-140999fa",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/mmslib/pdu/PduPersister.java",
"function": "convertUriToPath"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"55151738822368162832341839954082388316",
"158532543148131802520662100669517338349",
"430341620960188749378931978653877775",
"257116361882594476370450298514782839007"
]
},
"id": "PUB-A-215212561-33ce77ba",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/ImageUtils.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 202.0,
"function_hash": "86737825198178567318258606714352033387"
},
"id": "PUB-A-215212561-3d9c0bb9",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java",
"function": "isInPrivateDir"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 127.0,
"function_hash": "279445365553651897327282062363648628144"
},
"id": "PUB-A-215212561-6b29dc16",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java",
"function": "isFileUri"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"length": 1153.0,
"function_hash": "328102028242482894970860856334176688375"
},
"id": "PUB-A-215212561-cb77d132",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/ImageUtils.java",
"function": "resizeGifImage"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"301304605707105986568318815528801431508",
"247194603926222060554680320145895243998",
"145901796073728064701950275761276492152",
"6369635545030450401114924997173265369",
"232426966261262354398890034281368853349",
"334385709999191821037257413146697906683",
"98211686701115947148831535440844800138",
"272619025638548499545829796009713234427",
"91950206126483064770472477229327269451"
]
},
"id": "PUB-A-215212561-cf8e7261",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/mmslib/pdu/PduPersister.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"12L"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"278221800015042108510720358144854156099",
"96926762268128381353059792894218726378",
"133980779932545692079384517201769998087",
"165637699960546409601489629862874630445",
"52500540636834501652623066649234039648",
"338473651741458288321596832034434836563",
"221349403753932766943465425292837114063",
"251803775468755073494165601775336491475"
]
},
"id": "PUB-A-215212561-fce40473",
"source": "https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/messaging/util/FileUtil.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Messaging/+/27e27d944b4e923ca9b81e7fdd6744f94cebb508"
],
"spl": "2022-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}