PUB-A-227203202
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-227203202.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-227203202
- Aliases
-
- A-227203202
- CVE-2022-20520
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In onCreate of various files, there is a possible tapjacking/overlay attack. This could lead to local escalation of privilege or denial of server with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Stk
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13"
],
"digest": {
"length": 617.0,
"function_hash": "309734534497432772469917657419153149903"
},
"id": "PUB-A-227203202-11aa166a",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkLauncherActivity.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"16331319415692900664991263969000373563",
"32903674284224779181547872332270240803",
"211070783403493648112129447320963906457",
"244434845725369027276330620267359026212",
"73239568632359670494613682591538814959",
"197215194042162855357850914485248454205",
"99753812936198728448509833078318710468"
]
},
"id": "PUB-A-227203202-2641679f",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkMenuActivity.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"241242705770390988074840894613341378826",
"190692794809729418785506080489809720897",
"207902758835253731781455480966443601316",
"44867289360513004971923989391930119081",
"319996437674898363782099646389683858209",
"312602895836139089927325441524962386480",
"177321378019546070655227650611608802409",
"227653540069485357998745333255455950884",
"117760190030289119568660487474991547211",
"264379416716377859673012494519317171038",
"52697215222843997533201199953393280425",
"63607581916527271179809722877198719985"
]
},
"id": "PUB-A-227203202-448fb754",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkMain.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 508.0,
"function_hash": "264175413917839377381362683111597863090"
},
"id": "PUB-A-227203202-58c31766",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkMain.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"267134777182661031288311122685343365817",
"168182571199202845242101970930948947241",
"40193802604750625517091337172587696943",
"335721937821416434163224023652736054925",
"305916075540227081900169820995332742553",
"26451365619367616917929927258293531288"
]
},
"id": "PUB-A-227203202-692a204a",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkInputActivity.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 922.0,
"function_hash": "155833520515330337672182973973844465936"
},
"id": "PUB-A-227203202-b7f012f6",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkMenuActivity.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"243272355353562054059668005575964707016",
"322236995186957116070157815819765240660",
"277005766192158027755913485286841756679",
"271155950153697847955282722810889591830",
"36553800295712200038380029995972069497",
"14471384069313488771991165141786064867",
"218942731283702111993011917556327795195",
"12052827426037265803328229915546657477",
"252045884849488243815678929528999387218",
"264379416716377859673012494519317171038",
"52697215222843997533201199953393280425",
"63607581916527271179809722877198719985"
]
},
"id": "PUB-A-227203202-c2707462",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkLauncherActivity.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13"
],
"digest": {
"length": 1242.0,
"function_hash": "10905916639519345456858877326694946625"
},
"id": "PUB-A-227203202-ee2909cb",
"source": "https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "src/com/android/stk/StkInputActivity.java",
"function": "onCreate"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Stk/+/aa8d8c37e1949286191649d9e9d97e750a948cf9"
],
"spl": "2022-12-01",
"severity": "Moderate",
"types": [
"EoP"
]
}