In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "40091479508753482757256274639819598751", "202831181816815184799030650557254650708", "133247619756146816315066083315766021679", "69901982178580409085884145126976169152", "242123018654011064478382392893260494122", "99763509346192368468632133568933143433" ] }, "id": "ASB-A-176445224-48e9a922", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java" }, "signature_type": "Line" }, { "digest": { "length": 1613.0, "function_hash": "128962696814408615060862366236348820039" }, "id": "ASB-A-176445224-f2143192", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java", "function": "onCreate" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec" ], "spl": "2021-07-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "40091479508753482757256274639819598751", "202831181816815184799030650557254650708", "133247619756146816315066083315766021679", "69901982178580409085884145126976169152", "242123018654011064478382392893260494122", "99763509346192368468632133568933143433" ] }, "id": "ASB-A-176445224-4b607ef9", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java" }, "signature_type": "Line" }, { "digest": { "length": 1613.0, "function_hash": "128962696814408615060862366236348820039" }, "id": "ASB-A-176445224-d6e9cad9", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java", "function": "onCreate" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec" ], "spl": "2021-07-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 1613.0, "function_hash": "128962696814408615060862366236348820039" }, "id": "ASB-A-176445224-330661db", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java", "function": "onCreate" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "40091479508753482757256274639819598751", "202831181816815184799030650557254650708", "133247619756146816315066083315766021679", "69901982178580409085884145126976169152", "242123018654011064478382392893260494122", "99763509346192368468632133568933143433" ] }, "id": "ASB-A-176445224-cbac5482", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec" ], "spl": "2021-07-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 1613.0, "function_hash": "128962696814408615060862366236348820039" }, "id": "ASB-A-176445224-6099e1b0", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java", "function": "onCreate" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "40091479508753482757256274639819598751", "202831181816815184799030650557254650708", "133247619756146816315066083315766021679", "69901982178580409085884145126976169152", "242123018654011064478382392893260494122", "99763509346192368468632133568933143433" ] }, "id": "ASB-A-176445224-f1b442cc", "source": "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/nfc/handover/ConfirmConnectActivity.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Nfc/+/ff1fcc3edd8c01cc3f258e1ed7580af45df2f3ec" ], "spl": "2021-07-01", "severity": "High", "types": [ "EoP" ] }