In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 320.0, "function_hash": "16801245604475508070394842503843383299" }, "id": "ASB-A-143559931-2c7cec93", "source": "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/app/ResolverActivity.java", "function": "onStop" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "177220730112562362975481177243944126788", "316882834124858129675433101246921810016", "231927513902354843655354166144287077118", "99136575364451425205665976481226677084", "78394746494317996597008007733940275779", "246288416312934876901705751763189094889", "312147092849622341844593337551332555717", "47431250032964379252844522180322325121", "235280558912958067013798381908610794370", "149538627761328644360586179420645645861", "302094335562652228694424274081590939127", "271710277708292450602872488059474037478", "37302441978418217021315186937300840365" ] }, "id": "ASB-A-143559931-dadc7d95", "source": "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/app/ResolverActivity.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b" ], "spl": "2021-12-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 513.0, "function_hash": "38272188515421580659518387826528323524" }, "id": "ASB-A-143559931-04a4d8be", "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/app/ResolverActivity.java", "function": "onStop" }, "signature_type": "Function" }, { "digest": { "length": 171.0, "function_hash": "88241085435229882507438695390087493891" }, "id": "ASB-A-143559931-9a3710a9", "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/app/ResolverActivity.java", "function": "onStart" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "3736309124304128800522875318419199755", "249972676102972917997781457939573722604", "835901836683609606547081771568234249", "79249505377464030980742917383562096806", "231927513902354843655354166144287077118", "99136575364451425205665976481226677084", "78394746494317996597008007733940275779", "246288416312934876901705751763189094889", "210245297293372535021467376282403572175", "58043491323002696992405922306187614610", "194135404117672918838722418416411749564", "217789918901420698290343034740227962148", "11506008236632799329301604970979863557", "294969520337585549056746446486149671345", "224437871614645284116344319445284762728", "93887958247139041406027751750292654676", "149538627761328644360586179420645645861", "302094335562652228694424274081590939127", "141729849074845958785237468684576940701", "272219284389140227449533747056249406585" ] }, "id": "ASB-A-143559931-d10f7f7a", "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/app/ResolverActivity.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf" ], "spl": "2021-12-01", "severity": "High", "types": [ "EoP" ] }