ASB-A-238377411

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-238377411.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-238377411
Aliases
  • A-238377411
  • CVE-2022-20420
Published
2022-10-01T00:00:00Z
Modified
2024-08-07T19:29:27.705680Z
Summary
[OPTiM] FGS Task Manager displays a Stop button for apps that have been whitelisted to be exempt from battery optimization.
Details

In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2022-10-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 2215.0,
                "function_hash": "81851832787058760284793457627546280792"
            },
            "id": "ASB-A-238377411-00e006fe",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/26945bf8608a8d5e38bdda4a68e3d444eed03de0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/AppRestrictionController.java",
                "function": "getBackgroundRestrictionExemptionReason"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "338084814463838692865463276062272481269",
                    "204095983282894935881441189197943072724",
                    "111208491350462862960277179470679895697",
                    "163064010969996349495530247851842396655",
                    "16839510854669803563955315361634610793",
                    "1786610215237782535962533169394715750",
                    "334398862494929584959105449151793775680",
                    "330533647503340784153069115043786205902",
                    "143485974629224183528668425378540623940",
                    "26926396955253309710027627514622503319",
                    "273745746621807355187035804840176057909",
                    "305889137737588596988465704815320506336",
                    "134194250848175375095003306340074806879",
                    "194957543535939216182745666166217578049",
                    "26422771808357216473777961746329713413",
                    "265669218276827631057056749515506381182",
                    "76606515071439434307528638013225843903",
                    "288517370563388251142327358930969033659",
                    "130344593426080827019006436581711947077",
                    "186682583954881249989830317938655312716",
                    "225415400739484179376797177558147078077",
                    "51695108914376855781955835012299425394",
                    "150871703979736768091563171795087467328",
                    "191061473204025477134646219421376372468",
                    "21290638900906506377241001768891280698",
                    "186369197693698899165612098672542311067",
                    "574410352114663538138448114640889277",
                    "114051027259629430124426829744691013693",
                    "283453390914155909792195628521054937976",
                    "243016695195401865758899327290423773863",
                    "235135641989946274393347545803689135166",
                    "52733613119433308264821384417685192222",
                    "119872224072732039667693289869059257275",
                    "95863338367342909469211096695945675284"
                ]
            },
            "id": "ASB-A-238377411-9a5ec86e",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/26945bf8608a8d5e38bdda4a68e3d444eed03de0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/AppRestrictionController.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/26945bf8608a8d5e38bdda4a68e3d444eed03de0"
    ],
    "spl": "2022-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}