ASB-A-179053823

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-179053823.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-179053823
Aliases
  • A-179053823
  • CVE-2021-0517
Published
2021-06-01T00:00:00Z
Modified
2024-08-07T19:29:13.814961Z
Summary
Assessment Bug for Security Vulnerability - Fi VPN prevents Chrome from working
Details

In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state determination due to a logic error in the code. This could lead to biasing of networking tasks to occur on non-VPN networks, which could lead to remote information disclosure, with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-06-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "1507347477625288206924147384212062311",
                    "167688605867282803177728729677168565494",
                    "137122953859527318281001713726447669367",
                    "18219262625178533219379706478832290769",
                    "130737000761195551633978398735643043315",
                    "258202711614118339221988124104917980448",
                    "282747096984891809597603264365114496715",
                    "90655393699161537400335180027105381933",
                    "175242587158792847800811199501507512010"
                ]
            },
            "id": "ASB-A-179053823-2c6d2528",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f3d35fdeaab97b8f2646fbcadcc50413138d369a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "tests/net/integration/util/com/android/server/NetworkAgentWrapper.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "130685122290000269070185916806103745772",
                    "10330500819088495888833910037773966921",
                    "184632244487065695388626587647657404593",
                    "258382400710289303571064109129317024935",
                    "97767333076461204489629404154209508822",
                    "27051001654010681673116087546152186240",
                    "4279791367659397505693756116762427839",
                    "164868897662531412708543463541585522507",
                    "264847955601993648350212795163248573560",
                    "155016246756462894656171077109222831908",
                    "293821000695020235782908004134707957641",
                    "30688429203509602610690175745648332808",
                    "260377386838969607211462570123745388094",
                    "28780719410803030128354082911063688607",
                    "328787977812036799257746573734734842462",
                    "132990505161844785431176339823274973549",
                    "109015711842139512682109670783874066820",
                    "90904430466385290694059485275121690615",
                    "180976549560987988347727975604466392926"
                ]
            },
            "id": "ASB-A-179053823-412eb382",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d680e7cd3c58da63d7753f2e4dce5683d2fd893",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/ConnectivityService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "82430332723054704973814326013453390247",
                    "154252307144114275208524740098786919116",
                    "85776445773038469964823270029051538900",
                    "241287416356538605801110510077084948855"
                ]
            },
            "id": "ASB-A-179053823-510727af",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7c4ae16b94ce8f36e4e047ac4c825794d1c21db2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/Vpn.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1510.0,
                "function_hash": "162341957182682762582143686583421943566"
            },
            "id": "ASB-A-179053823-d2d365d4",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d680e7cd3c58da63d7753f2e4dce5683d2fd893",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/ConnectivityService.java",
                "function": "updateCapabilities"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1024.0,
                "function_hash": "156584358442038041910340445517037970033"
            },
            "id": "ASB-A-179053823-efb4b64a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f3d35fdeaab97b8f2646fbcadcc50413138d369a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "tests/net/integration/util/com/android/server/NetworkAgentWrapper.java",
                "function": "NetworkAgentWrapper"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9d680e7cd3c58da63d7753f2e4dce5683d2fd893",
        "https://android.googlesource.com/platform/frameworks/base/+/1255ddbc76df53c9562a87cd5701d791e0ec55ad",
        "https://android.googlesource.com/platform/frameworks/base/+/be317557fe11d9a27412712556c9203778fab645",
        "https://android.googlesource.com/platform/frameworks/base/+/4a66aedf09ccdf19d302a5cff6dec5ec9da076bf",
        "https://android.googlesource.com/platform/frameworks/base/+/1a05734c87f9e3ce0cbd33ea1f13ee7a27c57f01",
        "https://android.googlesource.com/platform/frameworks/base/+/d2adbfbf40aaf5d533607fe71e93d6ff6cba2ba1",
        "https://android.googlesource.com/platform/frameworks/base/+/f3d35fdeaab97b8f2646fbcadcc50413138d369a",
        "https://android.googlesource.com/platform/frameworks/base/+/d10299582ae9965c0ff70b5fceb4ce8ee591734e",
        "https://android.googlesource.com/platform/frameworks/base/+/7c4ae16b94ce8f36e4e047ac4c825794d1c21db2",
        "https://android.googlesource.com/platform/frameworks/base/+/334a66342c799018f25c015c54a2c2c017e1ec36",
        "https://android.googlesource.com/platform/frameworks/base/+/cb2feba0fbc5f9a80e3c5cc863ecd56b26113e39",
        "https://android.googlesource.com/platform/frameworks/base/+/9687fd7c3bcb563d8bd3b53874f6e35876275dda"
    ],
    "spl": "2021-06-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}