ASB-A-143559931

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-143559931.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-143559931
Aliases
  • A-143559931
  • CVE-2021-0954
Published
2021-12-01T00:00:00Z
Modified
2024-08-07T19:29:56.341735Z
Summary
Tracing UI allows screen overlays
Details

In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-12-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 320.0,
                "function_hash": "16801245604475508070394842503843383299"
            },
            "id": "ASB-A-143559931-2c7cec93",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/com/android/internal/app/ResolverActivity.java",
                "function": "onStop"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "177220730112562362975481177243944126788",
                    "316882834124858129675433101246921810016",
                    "231927513902354843655354166144287077118",
                    "99136575364451425205665976481226677084",
                    "78394746494317996597008007733940275779",
                    "246288416312934876901705751763189094889",
                    "312147092849622341844593337551332555717",
                    "47431250032964379252844522180322325121",
                    "235280558912958067013798381908610794370",
                    "149538627761328644360586179420645645861",
                    "302094335562652228694424274081590939127",
                    "271710277708292450602872488059474037478",
                    "37302441978418217021315186937300840365"
                ]
            },
            "id": "ASB-A-143559931-dadc7d95",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/com/android/internal/app/ResolverActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9bd0b2f9d067b917399c56f979ffc6a3e5a3860b"
    ],
    "spl": "2021-12-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-12-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 513.0,
                "function_hash": "38272188515421580659518387826528323524"
            },
            "id": "ASB-A-143559931-04a4d8be",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/com/android/internal/app/ResolverActivity.java",
                "function": "onStop"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 171.0,
                "function_hash": "88241085435229882507438695390087493891"
            },
            "id": "ASB-A-143559931-9a3710a9",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/com/android/internal/app/ResolverActivity.java",
                "function": "onStart"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "3736309124304128800522875318419199755",
                    "249972676102972917997781457939573722604",
                    "835901836683609606547081771568234249",
                    "79249505377464030980742917383562096806",
                    "231927513902354843655354166144287077118",
                    "99136575364451425205665976481226677084",
                    "78394746494317996597008007733940275779",
                    "246288416312934876901705751763189094889",
                    "210245297293372535021467376282403572175",
                    "58043491323002696992405922306187614610",
                    "194135404117672918838722418416411749564",
                    "217789918901420698290343034740227962148",
                    "11506008236632799329301604970979863557",
                    "294969520337585549056746446486149671345",
                    "224437871614645284116344319445284762728",
                    "93887958247139041406027751750292654676",
                    "149538627761328644360586179420645645861",
                    "302094335562652228694424274081590939127",
                    "141729849074845958785237468684576940701",
                    "272219284389140227449533747056249406585"
                ]
            },
            "id": "ASB-A-143559931-d10f7f7a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/com/android/internal/app/ResolverActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/978809e428bf44be1f9a86d1284aa61103b6f1cf"
    ],
    "spl": "2021-12-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}