ASB-A-221041256

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-221041256.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-221041256
Aliases
  • A-221041256
  • CVE-2022-20353
Published
2022-08-01T00:00:00Z
Modified
2024-08-07T19:29:11.593656Z
Summary
Privilege Escalation in com.android.settings.DefaultRingtonePreference and com.android.dialer.app.settings.DefaultRingtonePreference
Details

In onSaveRingtone of DefaultRingtonePreference.java, there is a possible inappropriate file read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2022-08-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271736351209468321920923821596500881208",
                    "208411807507461914842515677540047944112",
                    "170974526492928665088682842224004720605",
                    "254402503382490168774319515126907561196",
                    "155983827564087819325286520719013472212",
                    "25746897509134563261658487765073342980",
                    "137382685630632855049870634427227194704",
                    "20047480911159830523004219151482838945"
                ]
            },
            "id": "ASB-A-221041256-14b0318a",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/640eab60f2baa9052d395fccd4a0324103ad6c7a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155983827564087819325286520719013472212",
                    "277880234744503426319297610589008749477",
                    "308578646048862143902743257230880885922",
                    "148410585817398078295239450436696621955"
                ]
            },
            "id": "ASB-A-221041256-74c563d4",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d94b73b3041614a5ff57c7745f50f235bf6c7783",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 503.0,
                "function_hash": "271031607249745761687440038053175194985"
            },
            "id": "ASB-A-221041256-b8537d4b",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d94b73b3041614a5ff57c7745f50f235bf6c7783",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 103.0,
                "function_hash": "147338097060983358059978639853961100975"
            },
            "id": "ASB-A-221041256-ba13ea38",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/640eab60f2baa9052d395fccd4a0324103ad6c7a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/640eab60f2baa9052d395fccd4a0324103ad6c7a",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/edf44161770a8d3aa5105b51d701c3abdae1776e",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/d94b73b3041614a5ff57c7745f50f235bf6c7783"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2022-08-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271736351209468321920923821596500881208",
                    "208411807507461914842515677540047944112",
                    "170974526492928665088682842224004720605",
                    "254402503382490168774319515126907561196",
                    "155983827564087819325286520719013472212",
                    "25746897509134563261658487765073342980",
                    "137382685630632855049870634427227194704",
                    "20047480911159830523004219151482838945"
                ]
            },
            "id": "ASB-A-221041256-3dc1d0e4",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/1682354551b8ee3c35a9ee1c1d9dc8238f5d6117",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155983827564087819325286520719013472212",
                    "277880234744503426319297610589008749477",
                    "308578646048862143902743257230880885922",
                    "148410585817398078295239450436696621955"
                ]
            },
            "id": "ASB-A-221041256-7807d205",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/973a46134b439b6dce2626bb0ba8ac34af7db29c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 103.0,
                "function_hash": "147338097060983358059978639853961100975"
            },
            "id": "ASB-A-221041256-7bbd47ac",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/1682354551b8ee3c35a9ee1c1d9dc8238f5d6117",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 503.0,
                "function_hash": "271031607249745761687440038053175194985"
            },
            "id": "ASB-A-221041256-f26ead89",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/973a46134b439b6dce2626bb0ba8ac34af7db29c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/1682354551b8ee3c35a9ee1c1d9dc8238f5d6117",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/32145cc362f9b111a7239539466eb5c788445a11",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/973a46134b439b6dce2626bb0ba8ac34af7db29c"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2022-08-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271736351209468321920923821596500881208",
                    "208411807507461914842515677540047944112",
                    "170974526492928665088682842224004720605",
                    "254402503382490168774319515126907561196",
                    "155983827564087819325286520719013472212",
                    "25746897509134563261658487765073342980",
                    "137382685630632855049870634427227194704",
                    "20047480911159830523004219151482838945"
                ]
            },
            "id": "ASB-A-221041256-ab0f2b53",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/f288d3a31bfc96e9680eaab2a312964ca1062f34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155983827564087819325286520719013472212",
                    "277880234744503426319297610589008749477",
                    "308578646048862143902743257230880885922",
                    "148410585817398078295239450436696621955"
                ]
            },
            "id": "ASB-A-221041256-b0130996",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/67b9fb57ea1e3ff5afdd7275da96a1c4add288ed",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 503.0,
                "function_hash": "271031607249745761687440038053175194985"
            },
            "id": "ASB-A-221041256-cae45ffe",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/67b9fb57ea1e3ff5afdd7275da96a1c4add288ed",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 103.0,
                "function_hash": "147338097060983358059978639853961100975"
            },
            "id": "ASB-A-221041256-d3c3d50e",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/f288d3a31bfc96e9680eaab2a312964ca1062f34",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/f288d3a31bfc96e9680eaab2a312964ca1062f34",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/0d8d05a22138a2d64cb3690af8edf88c1782a901",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/67b9fb57ea1e3ff5afdd7275da96a1c4add288ed"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2022-08-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 503.0,
                "function_hash": "271031607249745761687440038053175194985"
            },
            "id": "ASB-A-221041256-0a0e6c5b",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/46e00dc6dfe02a870fe953c18d2002b7e5662058",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 103.0,
                "function_hash": "147338097060983358059978639853961100975"
            },
            "id": "ASB-A-221041256-57bb95c8",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/1b7fa6f8fc42924af0b0cfbad25f3405de706a9f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java",
                "function": "onSaveRingtone"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271736351209468321920923821596500881208",
                    "208411807507461914842515677540047944112",
                    "170974526492928665088682842224004720605",
                    "254402503382490168774319515126907561196",
                    "155983827564087819325286520719013472212",
                    "25746897509134563261658487765073342980",
                    "137382685630632855049870634427227194704",
                    "20047480911159830523004219151482838945"
                ]
            },
            "id": "ASB-A-221041256-74b23108",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/1b7fa6f8fc42924af0b0cfbad25f3405de706a9f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155983827564087819325286520719013472212",
                    "277880234744503426319297610589008749477",
                    "308578646048862143902743257230880885922",
                    "148410585817398078295239450436696621955"
                ]
            },
            "id": "ASB-A-221041256-b687c564",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/46e00dc6dfe02a870fe953c18d2002b7e5662058",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/DefaultRingtonePreference.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/1b7fa6f8fc42924af0b0cfbad25f3405de706a9f",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/90968c8437dbac230808742f108c0f733b38f28c",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/46e00dc6dfe02a870fe953c18d2002b7e5662058"
    ],
    "spl": "2022-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}