ASB-A-175614289

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-175614289.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-175614289
Aliases
  • A-175614289
  • CVE-2021-0599
Published
2021-07-01T00:00:00Z
Modified
2024-08-07T19:29:51.742823Z
Summary
Information disclosure in timeout feature of the Notification
Details

In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.1:0
Fixed
8.1:2021-07-01

Affected versions

8.*

8.1

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155140798746955026211922233343569436904",
                    "40679412187670084343085350279336058230",
                    "319361658088727101539218216098082093863",
                    "238337608107298172025037589602738868900"
                ]
            },
            "id": "ASB-A-175614289-2205c988",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7dfcfe85ae1225547ffb9e369d15c7952847d1bf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/NotificationManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 599.0,
                "function_hash": "4679512688626466174133925212477317438"
            },
            "id": "ASB-A-175614289-4900edc5",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7dfcfe85ae1225547ffb9e369d15c7952847d1bf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/NotificationManagerService.java",
                "function": "scheduleTimeoutLocked"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/7dfcfe85ae1225547ffb9e369d15c7952847d1bf"
    ],
    "spl": "2021-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-07-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155140798746955026211922233343569436904",
                    "40679412187670084343085350279336058230",
                    "319361658088727101539218216098082093863",
                    "238337608107298172025037589602738868900"
                ]
            },
            "id": "ASB-A-175614289-516df413",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4056976f1e7556873696e0a23ad612659669ebad",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/NotificationManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 600.0,
                "function_hash": "102344930994049120752323747863630688565"
            },
            "id": "ASB-A-175614289-ef2973a8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4056976f1e7556873696e0a23ad612659669ebad",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/NotificationManagerService.java",
                "function": "scheduleTimeoutLocked"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/4056976f1e7556873696e0a23ad612659669ebad"
    ],
    "spl": "2021-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}