In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 597.0, "function_hash": "95207611329866541020810522679702160389" }, "id": "ASB-A-157474195-0c1041eb", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "renameDocument" }, "signature_type": "Function" }, { "digest": { "length": 388.0, "function_hash": "177888745711270769104500725269179465166" }, "id": "ASB-A-157474195-21c197f4", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "deleteDocument" }, "signature_type": "Function" }, { "digest": { "length": 552.0, "function_hash": "104469326549119752783813600499935556036" }, "id": "ASB-A-157474195-3e7472a5", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "moveDocument" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "337768421731177914852952627660101406566", "160201817655052503962811299480944143267", "326805259670909050863234206244251260029", "166756985256022869606464148158220506442", "19149938257146352426317412782251334080", "304047694954246500064345687375436399951", "186652238605562309358180782191173623162", "313741471183135593549126092169425863949", "205883396251054809150709612950476294635", "208877308328643758029168981058035893429", "290405506323056615402018598059130139739", "58991343204514618830852163896601996662", "263529015495012105749591513539264233732", "269992576871638899273780706787786246227", "317399817418477653900571388810832556481" ] }, "id": "ASB-A-157474195-6cd8ad62", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "174315886285048729724468337538603502183", "13641771033659361517556201659059900667", "251762566533496679962500521846933460423", "98043791869773912361626476327699343355" ] }, "id": "ASB-A-157474195-96dc10bd", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba" ], "spl": "2021-02-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 597.0, "function_hash": "95207611329866541020810522679702160389" }, "id": "ASB-A-157474195-1b2974c5", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "renameDocument" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "174315886285048729724468337538603502183", "13641771033659361517556201659059900667", "251762566533496679962500521846933460423", "98043791869773912361626476327699343355" ] }, "id": "ASB-A-157474195-245b4ba2", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java" }, "signature_type": "Line" }, { "digest": { "length": 552.0, "function_hash": "104469326549119752783813600499935556036" }, "id": "ASB-A-157474195-c70ead19", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "moveDocument" }, "signature_type": "Function" }, { "digest": { "length": 388.0, "function_hash": "177888745711270769104500725269179465166" }, "id": "ASB-A-157474195-e3a70bbe", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java", "function": "deleteDocument" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "337768421731177914852952627660101406566", "160201817655052503962811299480944143267", "326805259670909050863234206244251260029", "166756985256022869606464148158220506442", "19149938257146352426317412782251334080", "304047694954246500064345687375436399951", "186652238605562309358180782191173623162", "313741471183135593549126092169425863949", "205883396251054809150709612950476294635", "208877308328643758029168981058035893429", "290405506323056615402018598059130139739", "58991343204514618830852163896601996662", "263529015495012105749591513539264233732", "269992576871638899273780706787786246227", "317399817418477653900571388810832556481" ] }, "id": "ASB-A-157474195-f8a15fd0", "source": "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/com/android/internal/content/FileSystemProvider.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/5afa7645579a01b77005b8a60f3713ca3e653fba" ], "spl": "2021-02-01", "severity": "High", "types": [ "EoP" ] }