ASB-A-213457638

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-213457638.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-213457638
Aliases
  • A-213457638
  • CVE-2022-20225
Published
2022-07-01T00:00:00Z
Modified
2024-08-16T00:42:06.788939Z
Summary
Possible Security Report - App can read group uuid of sim card(s) without requiring READ_PRIVILEGED_PHONE_STATE permission.
Details

In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/opt/telephony

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2022-07-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "170798595294613678534493715480809551648",
                    "85731751937280490573074621419231066066",
                    "252207569181961741661285617994400762952",
                    "323547277187699899198361067369519416581",
                    "198922279478817670410977329260599765369",
                    "248199077134062676251498125742683059126"
                ]
            },
            "id": "ASB-A-213457638-9602207d",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/12db8db9b127a3a9b414a8a09f6445c2a58f553e",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 304.0,
                "function_hash": "93347553898625176689672612339351455415"
            },
            "id": "ASB-A-213457638-a6d27dfd",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/12db8db9b127a3a9b414a8a09f6445c2a58f553e",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java",
                "function": "getSubscriptionProperty"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/opt/telephony/+/12db8db9b127a3a9b414a8a09f6445c2a58f553e"
    ],
    "spl": "2022-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/opt/telephony

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2022-07-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "318345005099167175638735175515408360866",
                    "76227838461729289359626885894136257225",
                    "208298297523743708379249323017622388267",
                    "141661230186442120772611226493047929364",
                    "72390182219535305868655594069327153162",
                    "248199077134062676251498125742683059126"
                ]
            },
            "id": "ASB-A-213457638-4dbd36a4",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/7f3dd2afda9546b8a08897b016393cd5fd54c8b6",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 326.0,
                "function_hash": "69897029542924365489245474301636154119"
            },
            "id": "ASB-A-213457638-db612bca",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/7f3dd2afda9546b8a08897b016393cd5fd54c8b6",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java",
                "function": "getSubscriptionProperty"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/opt/telephony/+/7f3dd2afda9546b8a08897b016393cd5fd54c8b6"
    ],
    "spl": "2022-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/opt/telephony

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2022-07-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "318345005099167175638735175515408360866",
                    "76227838461729289359626885894136257225",
                    "208298297523743708379249323017622388267",
                    "141661230186442120772611226493047929364",
                    "72390182219535305868655594069327153162",
                    "248199077134062676251498125742683059126"
                ]
            },
            "id": "ASB-A-213457638-bcaba9df",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/e873e764b9c3af081bc3155eab54fa6027f7785c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 326.0,
                "function_hash": "69897029542924365489245474301636154119"
            },
            "id": "ASB-A-213457638-fa22aeb8",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/e873e764b9c3af081bc3155eab54fa6027f7785c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java",
                "function": "getSubscriptionProperty"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/opt/telephony/+/e873e764b9c3af081bc3155eab54fa6027f7785c"
    ],
    "spl": "2022-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/opt/telephony

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2022-07-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 326.0,
                "function_hash": "69897029542924365489245474301636154119"
            },
            "id": "ASB-A-213457638-0522e7df",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/b7399246a90b2125ccca606e7eb3c5e7e2160cdb",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java",
                "function": "getSubscriptionProperty"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "318345005099167175638735175515408360866",
                    "76227838461729289359626885894136257225",
                    "208298297523743708379249323017622388267",
                    "141661230186442120772611226493047929364",
                    "72390182219535305868655594069327153162",
                    "248199077134062676251498125742683059126"
                ]
            },
            "id": "ASB-A-213457638-6fa8f9cc",
            "source": "https://android.googlesource.com/platform/frameworks/opt/telephony/+/b7399246a90b2125ccca606e7eb3c5e7e2160cdb",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/java/com/android/internal/telephony/SubscriptionController.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/opt/telephony/+/b7399246a90b2125ccca606e7eb3c5e7e2160cdb"
    ],
    "spl": "2022-07-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}