ASB-A-237291548

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-237291548.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-237291548
Aliases
  • A-237291548
  • CVE-2023-20922
Published
2023-01-01T00:00:00Z
Modified
2024-08-07T19:29:01.356904Z
Summary
Permanent denial of service via PackageManager#setMimeGroup
Details

In setMimeGroup of PackageManagerService.java, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-01-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 317.0,
                "function_hash": "31294280568095720688979848123695635954"
            },
            "id": "ASB-A-237291548-689c4142",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java",
                "function": "setMimeGroup"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 316.0,
                "function_hash": "202065779681697887785813066323970793223"
            },
            "id": "ASB-A-237291548-ba2b806d",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java",
                "function": "addMimeGroupsFromComponent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "210117540197020962776174345141686794756",
                    "51948642604148014640836092643697507414",
                    "205660664688970755346070621134153847103",
                    "324953582019310280159648579909534960723",
                    "168716818758968046758879954649936712896",
                    "263769921199745771593932276872398587482",
                    "138999065848375296537325993490030824046",
                    "18609215631312155583475013314785796946",
                    "45662474198648549860772589265018421783"
                ]
            },
            "id": "ASB-A-237291548-c71da7fd",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "268500064949724540646062464114540390285",
                    "26624114904077745128475869533242173201",
                    "92274285989282330413503189164061015917",
                    "299560997409615174173387235143639540568"
                ]
            },
            "id": "ASB-A-237291548-d786b0db",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-01-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 317.0,
                "function_hash": "31294280568095720688979848123695635954"
            },
            "id": "ASB-A-237291548-a7eb5b93",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java",
                "function": "setMimeGroup"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 316.0,
                "function_hash": "202065779681697887785813066323970793223"
            },
            "id": "ASB-A-237291548-ed09d6bb",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java",
                "function": "addMimeGroupsFromComponent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "210117540197020962776174345141686794756",
                    "51948642604148014640836092643697507414",
                    "205660664688970755346070621134153847103",
                    "324953582019310280159648579909534960723",
                    "168716818758968046758879954649936712896",
                    "263769921199745771593932276872398587482",
                    "138999065848375296537325993490030824046",
                    "18609215631312155583475013314785796946",
                    "45662474198648549860772589265018421783"
                ]
            },
            "id": "ASB-A-237291548-f3d932d4",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "268500064949724540646062464114540390285",
                    "26624114904077745128475869533242173201",
                    "92274285989282330413503189164061015917",
                    "299560997409615174173387235143639540568"
                ]
            },
            "id": "ASB-A-237291548-f4880bde",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-01-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "268500064949724540646062464114540390285",
                    "26624114904077745128475869533242173201",
                    "92274285989282330413503189164061015917",
                    "299560997409615174173387235143639540568"
                ]
            },
            "id": "ASB-A-237291548-8a2dd490",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "210117540197020962776174345141686794756",
                    "51948642604148014640836092643697507414",
                    "205660664688970755346070621134153847103",
                    "324953582019310280159648579909534960723",
                    "168716818758968046758879954649936712896",
                    "263769921199745771593932276872398587482",
                    "138999065848375296537325993490030824046",
                    "18609215631312155583475013314785796946",
                    "45662474198648549860772589265018421783"
                ]
            },
            "id": "ASB-A-237291548-b3915c0c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 316.0,
                "function_hash": "202065779681697887785813066323970793223"
            },
            "id": "ASB-A-237291548-c4ab7d17",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/content/pm/parsing/ParsingPackageImpl.java",
                "function": "addMimeGroupsFromComponent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 317.0,
                "function_hash": "31294280568095720688979848123695635954"
            },
            "id": "ASB-A-237291548-f4cabb5a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageSetting.java",
                "function": "setMimeGroup"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3ae3406b9706163073c282a8c4081faa32b606b2"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-01-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "30191055480106049056194993607327286067",
                    "235517960090223571636718062440552614181",
                    "216759619484409388256620291861940690518",
                    "104557313668973816637947214172574763342",
                    "103285123252883016128370700089612069848",
                    "40422005414379151854055239047501645629",
                    "142335569646864487747916674092376756427",
                    "72148826583482198240471094835286963418"
                ]
            },
            "id": "ASB-A-237291548-01fae89c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bdd9d274ac4ce77c0e8d649141ceea115b1ddbe",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 331.0,
                "function_hash": "148266663536872324377172180670057155510"
            },
            "id": "ASB-A-237291548-47429be2",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bdd9d274ac4ce77c0e8d649141ceea115b1ddbe",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageImpl.java",
                "function": "addMimeGroupsFromComponent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "137761287683874598681207440966679683877",
                    "76808855365938853381443151439566633942",
                    "196329875820618050054266383821986722653",
                    "299560997409615174173387235143639540568"
                ]
            },
            "id": "ASB-A-237291548-4d32c240",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bdd9d274ac4ce77c0e8d649141ceea115b1ddbe",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/pkg/parsing/ParsingPackageImpl.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 820.0,
                "function_hash": "90756472752520483266498494755315935828"
            },
            "id": "ASB-A-237291548-b780fc64",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9bdd9d274ac4ce77c0e8d649141ceea115b1ddbe",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/pm/PackageManagerService.java",
                "function": "setMimeGroup"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9bdd9d274ac4ce77c0e8d649141ceea115b1ddbe"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}