ASB-A-172841550

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-172841550.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-172841550
Aliases
  • A-172841550
  • CVE-2021-0391
Published
2021-03-01T00:00:00Z
Modified
2024-08-07T19:29:30.302143Z
Summary
Trick user to grant Account permission to evil apps by overlaying window on top of ChooseTypeAndAccountActivity
Details

In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2021-03-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "178359768545536217155368309597846025604",
                    "183806530238371095629457413808596688362",
                    "5700341369694652380894400123268701636",
                    "224382107640148875120939260169729141290",
                    "312878781065474030802867852517107064721",
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "228285847718047407535281181317771200063",
                    "231008373837216149174120767247680962482",
                    "136021868930287926586881329362937979609",
                    "64027953446879163076880012589637219411",
                    "213786331953044204028955855579177818240",
                    "219072579963742925253988223863639130972"
                ]
            },
            "id": "ASB-A-172841550-37308c25",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "282000476218600853847168279466067212598",
                    "301130012248540230541322432552879113061",
                    "40806355365134196489332550806188172707",
                    "183696238338071455145703843867476514601",
                    "34109602997009970710246737092766793521",
                    "302609440196899580451458479499124385845",
                    "331891034949669426949378089469598408524",
                    "128336888518402923848391216647591119861"
                ]
            },
            "id": "ASB-A-172841550-56351a4f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1869.0,
                "function_hash": "207624804220701369924702465345216722096"
            },
            "id": "ASB-A-172841550-7b454609",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1792.0,
                "function_hash": "244621459812270657650929719705734223593"
            },
            "id": "ASB-A-172841550-872ff582",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 3223.0,
                "function_hash": "283414556461806429582274343976581777224"
            },
            "id": "ASB-A-172841550-8bd6880c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "74546233059789329768633873525495880689",
                    "3154508882205384628659795506021986670",
                    "40951327312221610315975909859363774457",
                    "202755157990852472814754154122068967221",
                    "309684986002671021758820318678301498666"
                ]
            },
            "id": "ASB-A-172841550-9b92d03a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2"
    ],
    "spl": "2021-03-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
9:0
Fixed
9:2021-03-01

Affected versions

Other

9

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 3223.0,
                "function_hash": "283414556461806429582274343976581777224"
            },
            "id": "ASB-A-172841550-2274fc4f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1869.0,
                "function_hash": "207624804220701369924702465345216722096"
            },
            "id": "ASB-A-172841550-5bcacc4b",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "178359768545536217155368309597846025604",
                    "183806530238371095629457413808596688362",
                    "5700341369694652380894400123268701636",
                    "224382107640148875120939260169729141290",
                    "312878781065474030802867852517107064721",
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "228285847718047407535281181317771200063",
                    "231008373837216149174120767247680962482",
                    "136021868930287926586881329362937979609",
                    "64027953446879163076880012589637219411",
                    "213786331953044204028955855579177818240",
                    "219072579963742925253988223863639130972"
                ]
            },
            "id": "ASB-A-172841550-6371a1d6",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "282000476218600853847168279466067212598",
                    "301130012248540230541322432552879113061",
                    "40806355365134196489332550806188172707",
                    "183696238338071455145703843867476514601",
                    "34109602997009970710246737092766793521",
                    "302609440196899580451458479499124385845",
                    "331891034949669426949378089469598408524",
                    "128336888518402923848391216647591119861"
                ]
            },
            "id": "ASB-A-172841550-7ffe6d8b",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "74546233059789329768633873525495880689",
                    "3154508882205384628659795506021986670",
                    "40951327312221610315975909859363774457",
                    "202755157990852472814754154122068967221",
                    "309684986002671021758820318678301498666"
                ]
            },
            "id": "ASB-A-172841550-e4535032",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1792.0,
                "function_hash": "244621459812270657650929719705734223593"
            },
            "id": "ASB-A-172841550-ecd6870e",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/fedbadf57eeeb82813d8fd43aade685659b909c2"
    ],
    "spl": "2021-03-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-03-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "200457836423934089536685332323233631299",
                    "26535511759143710878878621249215939996",
                    "299407338395464618455965411335284229449",
                    "178359768545536217155368309597846025604",
                    "183806530238371095629457413808596688362",
                    "5700341369694652380894400123268701636",
                    "224382107640148875120939260169729141290",
                    "312878781065474030802867852517107064721",
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "228285847718047407535281181317771200063",
                    "231008373837216149174120767247680962482",
                    "136021868930287926586881329362937979609",
                    "64027953446879163076880012589637219411",
                    "213786331953044204028955855579177818240",
                    "219072579963742925253988223863639130972"
                ]
            },
            "id": "ASB-A-172841550-05268c13",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1792.0,
                "function_hash": "244621459812270657650929719705734223593"
            },
            "id": "ASB-A-172841550-607dbc74",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "74546233059789329768633873525495880689",
                    "3154508882205384628659795506021986670",
                    "40951327312221610315975909859363774457",
                    "202755157990852472814754154122068967221",
                    "309684986002671021758820318678301498666"
                ]
            },
            "id": "ASB-A-172841550-cf7d3616",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3231.0,
                "function_hash": "300099533195188535265057815411891254940"
            },
            "id": "ASB-A-172841550-d3b2011e",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "338756025168672841503944107873105376071",
                    "80165988263966893077074478006064266377",
                    "301130012248540230541322432552879113061",
                    "287419706935573716614855437391569370395",
                    "35498394937681637763408142158138900005",
                    "40806355365134196489332550806188172707",
                    "183696238338071455145703843867476514601",
                    "34109602997009970710246737092766793521",
                    "302609440196899580451458479499124385845",
                    "331891034949669426949378089469598408524",
                    "128336888518402923848391216647591119861"
                ]
            },
            "id": "ASB-A-172841550-dcff1475",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1877.0,
                "function_hash": "58421124205205013095236493481565110791"
            },
            "id": "ASB-A-172841550-e5d4b407",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086"
    ],
    "spl": "2021-03-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-03-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "74546233059789329768633873525495880689",
                    "3154508882205384628659795506021986670",
                    "40951327312221610315975909859363774457",
                    "202755157990852472814754154122068967221",
                    "309684986002671021758820318678301498666"
                ]
            },
            "id": "ASB-A-172841550-2fbcc844",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "200457836423934089536685332323233631299",
                    "26535511759143710878878621249215939996",
                    "299407338395464618455965411335284229449",
                    "178359768545536217155368309597846025604",
                    "183806530238371095629457413808596688362",
                    "5700341369694652380894400123268701636",
                    "224382107640148875120939260169729141290",
                    "312878781065474030802867852517107064721",
                    "4140147898571390373091038897603107506",
                    "279634278991220379218199910692652348185",
                    "228285847718047407535281181317771200063",
                    "231008373837216149174120767247680962482",
                    "136021868930287926586881329362937979609",
                    "64027953446879163076880012589637219411",
                    "213786331953044204028955855579177818240",
                    "219072579963742925253988223863639130972"
                ]
            },
            "id": "ASB-A-172841550-4e3e6540",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3231.0,
                "function_hash": "300099533195188535265057815411891254940"
            },
            "id": "ASB-A-172841550-9a6d15e6",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1792.0,
                "function_hash": "244621459812270657650929719705734223593"
            },
            "id": "ASB-A-172841550-9bf975b8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountTypeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "338756025168672841503944107873105376071",
                    "80165988263966893077074478006064266377",
                    "301130012248540230541322432552879113061",
                    "287419706935573716614855437391569370395",
                    "35498394937681637763408142158138900005",
                    "40806355365134196489332550806188172707",
                    "183696238338071455145703843867476514601",
                    "34109602997009970710246737092766793521",
                    "302609440196899580451458479499124385845",
                    "331891034949669426949378089469598408524",
                    "128336888518402923848391216647591119861"
                ]
            },
            "id": "ASB-A-172841550-bd42d3b0",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseTypeAndAccountActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1877.0,
                "function_hash": "58421124205205013095236493481565110791"
            },
            "id": "ASB-A-172841550-bf8a02ea",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/accounts/ChooseAccountActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/6ff42dd2d264cd89acdf45cf403147a870a14086"
    ],
    "spl": "2021-03-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}