ASB-A-242846316

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-242846316.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-242846316
Aliases
  • A-242846316
  • CVE-2022-20493
Published
2023-01-01T00:00:00Z
Modified
2024-08-07T19:30:01.235642Z
Summary
Automatically turn on notification access after the user has turns off without the user's awareness via ZenRule#condition
Details

In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2023-01-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 486.0,
                "function_hash": "11074334164627762438878905038171332385"
            },
            "id": "ASB-A-242846316-066f1cec",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5cb217fff3bc7184bd776a9dc2991e7fce5e25bd",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java",
                "function": "Condition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "252915858252393181858950285272959384341",
                    "278788551280931953272905500688785716843",
                    "258961808285613334958231566506346741020",
                    "298032798433109205566535582839433436025",
                    "39019814747014903180775230981152272039",
                    "213999347382142169190774008544742513719",
                    "257292537651431398061326789242835962132",
                    "328602949385755024560867337761046241673",
                    "280378460480286592607941732109799232646",
                    "142497321471513106035507800922636573045",
                    "185427983472574071408351209758204325985",
                    "69077207884892083112048340671921288585",
                    "121387875293937742678138289579632119908",
                    "195559258500053957149842765219060401240",
                    "172636395093802334379906374061159305157",
                    "91590196517595584562729079970903847725",
                    "210606271517317925653848038536919990692"
                ]
            },
            "id": "ASB-A-242846316-8c9b0045",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5cb217fff3bc7184bd776a9dc2991e7fce5e25bd",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/5cb217fff3bc7184bd776a9dc2991e7fce5e25bd"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-01-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 486.0,
                "function_hash": "11074334164627762438878905038171332385"
            },
            "id": "ASB-A-242846316-0eac9824",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/80c0fcf06d5a862c4b05be9896a5d320d2f71fb2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java",
                "function": "Condition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "252915858252393181858950285272959384341",
                    "278788551280931953272905500688785716843",
                    "258961808285613334958231566506346741020",
                    "298032798433109205566535582839433436025",
                    "39019814747014903180775230981152272039",
                    "213999347382142169190774008544742513719",
                    "257292537651431398061326789242835962132",
                    "328602949385755024560867337761046241673",
                    "280378460480286592607941732109799232646",
                    "142497321471513106035507800922636573045",
                    "185427983472574071408351209758204325985",
                    "69077207884892083112048340671921288585",
                    "121387875293937742678138289579632119908",
                    "195559258500053957149842765219060401240",
                    "172636395093802334379906374061159305157",
                    "91590196517595584562729079970903847725",
                    "210606271517317925653848038536919990692"
                ]
            },
            "id": "ASB-A-242846316-9296ed14",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/80c0fcf06d5a862c4b05be9896a5d320d2f71fb2",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/80c0fcf06d5a862c4b05be9896a5d320d2f71fb2"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-01-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 486.0,
                "function_hash": "11074334164627762438878905038171332385"
            },
            "id": "ASB-A-242846316-45d216bd",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7059638be9271303e22b7b3e8aa6d58677f6143b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java",
                "function": "Condition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "252915858252393181858950285272959384341",
                    "278788551280931953272905500688785716843",
                    "258961808285613334958231566506346741020",
                    "298032798433109205566535582839433436025",
                    "39019814747014903180775230981152272039",
                    "213999347382142169190774008544742513719",
                    "257292537651431398061326789242835962132",
                    "328602949385755024560867337761046241673",
                    "280378460480286592607941732109799232646",
                    "142497321471513106035507800922636573045",
                    "185427983472574071408351209758204325985",
                    "69077207884892083112048340671921288585",
                    "121387875293937742678138289579632119908",
                    "195559258500053957149842765219060401240",
                    "172636395093802334379906374061159305157",
                    "91590196517595584562729079970903847725",
                    "210606271517317925653848038536919990692"
                ]
            },
            "id": "ASB-A-242846316-ddf43a8c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7059638be9271303e22b7b3e8aa6d58677f6143b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/7059638be9271303e22b7b3e8aa6d58677f6143b"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-01-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "252915858252393181858950285272959384341",
                    "278788551280931953272905500688785716843",
                    "258961808285613334958231566506346741020",
                    "298032798433109205566535582839433436025",
                    "39019814747014903180775230981152272039",
                    "213999347382142169190774008544742513719",
                    "257292537651431398061326789242835962132",
                    "328602949385755024560867337761046241673",
                    "280378460480286592607941732109799232646",
                    "142497321471513106035507800922636573045",
                    "185427983472574071408351209758204325985",
                    "69077207884892083112048340671921288585",
                    "121387875293937742678138289579632119908",
                    "195559258500053957149842765219060401240",
                    "172636395093802334379906374061159305157",
                    "91590196517595584562729079970903847725",
                    "210606271517317925653848038536919990692"
                ]
            },
            "id": "ASB-A-242846316-51987162",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/73ad3844ac30ba7ca7c269bf50982427e8703354",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 486.0,
                "function_hash": "11074334164627762438878905038171332385"
            },
            "id": "ASB-A-242846316-74754805",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/73ad3844ac30ba7ca7c269bf50982427e8703354",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java",
                "function": "Condition"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/73ad3844ac30ba7ca7c269bf50982427e8703354"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-01-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 486.0,
                "function_hash": "11074334164627762438878905038171332385"
            },
            "id": "ASB-A-242846316-28849c55",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2a506d89f88c665c3d8252bf3762b5843aff1fdf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java",
                "function": "Condition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "252915858252393181858950285272959384341",
                    "278788551280931953272905500688785716843",
                    "258961808285613334958231566506346741020",
                    "298032798433109205566535582839433436025",
                    "39019814747014903180775230981152272039",
                    "213999347382142169190774008544742513719",
                    "257292537651431398061326789242835962132",
                    "328602949385755024560867337761046241673",
                    "280378460480286592607941732109799232646",
                    "142497321471513106035507800922636573045",
                    "185427983472574071408351209758204325985",
                    "69077207884892083112048340671921288585",
                    "38404803694168051923123762133647414418",
                    "189238794017205403025077847082237073120",
                    "39236405370346344960500407681558973306",
                    "91590196517595584562729079970903847725",
                    "210606271517317925653848038536919990692"
                ]
            },
            "id": "ASB-A-242846316-81ee846a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2a506d89f88c665c3d8252bf3762b5843aff1fdf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/service/notification/Condition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/2a506d89f88c665c3d8252bf3762b5843aff1fdf"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}