ASB-A-246301979

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-246301979.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-246301979
Aliases
  • A-246301979
  • CVE-2022-20497
Published
2022-12-01T00:00:00Z
Modified
2024-08-07T19:30:17.574589Z
Summary
Android lock screen sensitive notification bypass
Details

In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2022-12-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 538.0,
                "function_hash": "190588418345551663355609765547692379538"
            },
            "id": "ASB-A-246301979-6998adc7",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java",
                "function": "onFinishedWakingUp"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "70977099148725676643647344963098177975",
                    "87601262829086973039946857110525689631",
                    "75229539166028879170821491842669397854"
                ]
            },
            "id": "ASB-A-246301979-8d5ad13f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "189019318573364597729775322045545370920",
                    "259939595903421309363087070372861885779",
                    "138848741958075048862797082257222276444",
                    "51141288845929682830478177053491776503"
                ]
            },
            "id": "ASB-A-246301979-a90dbde1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b"
    ],
    "spl": "2022-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2022-12-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "70977099148725676643647344963098177975",
                    "87601262829086973039946857110525689631",
                    "75229539166028879170821491842669397854"
                ]
            },
            "id": "ASB-A-246301979-ce0270ec",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "189019318573364597729775322045545370920",
                    "259939595903421309363087070372861885779",
                    "138848741958075048862797082257222276444",
                    "51141288845929682830478177053491776503"
                ]
            },
            "id": "ASB-A-246301979-d43ba20f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 538.0,
                "function_hash": "190588418345551663355609765547692379538"
            },
            "id": "ASB-A-246301979-f95647a2",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java",
                "function": "onFinishedWakingUp"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b"
    ],
    "spl": "2022-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2022-12-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 489.0,
                "function_hash": "3257698937743569462312817818861464109"
            },
            "id": "ASB-A-246301979-398d8c89",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/CentralSurfacesImpl.java",
                "function": "onFinishedWakingUp"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "98317385964836131882163772788634368997",
                    "67278402601670486467211230165609993486",
                    "215244966485946350205066817988521522727",
                    "311919143622420956565248882532809556421",
                    "174231740453555715249936759787492739996",
                    "118152048707043496487424110566791159151",
                    "216623025662135250270535399797555570705"
                ]
            },
            "id": "ASB-A-246301979-8da12421",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b",
            "deprecated": true,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301014903525879260202893730219960317250",
                    "87601262829086973039946857110525689631",
                    "75229539166028879170821491842669397854"
                ]
            },
            "id": "ASB-A-246301979-baae5d8a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "51914021411191037143158952518150035281",
                    "299157340109141744649597792175238208421",
                    "11675338619483250530617358545678883365",
                    "51141288845929682830478177053491776503"
                ]
            },
            "id": "ASB-A-246301979-c29e0c66",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/phone/CentralSurfacesImpl.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 770.0,
                "function_hash": "262455860185120603881231326193312185329"
            },
            "id": "ASB-A-246301979-da54a1fe",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b",
            "deprecated": true,
            "signature_version": "v1",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java",
                "function": "updatePublicMode"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b"
    ],
    "spl": "2022-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}