ASB-A-219498290

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-219498290.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-219498290
Aliases
  • A-219498290
  • CVE-2022-20355
Published
2022-08-01T00:00:00Z
Modified
2024-08-07T19:29:51.605480Z
Summary
Proxy PAC URL can use several URL schemes, including file: and jar:
Details

In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2022-08-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-23dc30af",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-f78b48d6",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacManager.java",
                "function": "get"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2022-08-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-88d7e0a6",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacManager.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-aa785a7f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacManager.java",
                "function": "get"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/6d6f4106948bbad67b9845603392d084078997c4"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2022-08-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-235fad57",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java",
                "function": "get"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-48d5fd24",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-8301ac01",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-d4ba9aca",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java",
                "function": "get"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
        "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2022-08-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-35b359e0",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-5a71ee94",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java",
                "function": "get"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "86190834566979588039180141193482493171",
                    "303600187651083710211249546667631790915",
                    "199664307981176744344750625892476601904",
                    "179276276447717904611837717082188460977",
                    "327533619510778409940036610685920876994",
                    "260779311532663482353095973103429340781",
                    "162144524979438945718640329366595786392",
                    "50403743435597878699485083557349576773",
                    "76217712432441776287872860894137535175"
                ]
            },
            "id": "ASB-A-219498290-7b3ff69c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 670.0,
                "function_hash": "283639389942770913289098218172683449500"
            },
            "id": "ASB-A-219498290-dc56e940",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/connectivity/PacProxyService.java",
                "function": "get"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7",
        "https://android.googlesource.com/platform/frameworks/base/+/fe57c5bf892c54c495cacd23492532bfa9a63dd7"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}