ASB-A-246539931

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-246539931.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-246539931
Aliases
  • A-246539931
  • CVE-2022-20499
Published
2023-03-01T00:00:00Z
Modified
2024-08-07T19:29:40.956974Z
Summary
Permanent denial of service via WifiManager#addOrUpdatePasspointConfiguration with invalid PasspointConfiguration.mDecoratedIdentityPrefix
Details

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/Wifi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-03-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 991.0,
                "function_hash": "230696396806453930136104640242750648325"
            },
            "id": "ASB-A-246539931-cb8ac68d",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/68abe8f2737d6fd3c0a0ccf9e4664dd747aa9a74",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java",
                "function": "validateForCommonR1andR2"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "264168491459372532987784367660727173796",
                    "214874892743754442154171900363694655676",
                    "339229000768410771364063529012028771767",
                    "278469412983377988081497849109025267503",
                    "106974296970616176305199293702551927463",
                    "153158301726473207208685587493976418067",
                    "106818876907567897823183539682340642235",
                    "183231353652488867236144785869659977889"
                ]
            },
            "id": "ASB-A-246539931-efc82843",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/68abe8f2737d6fd3c0a0ccf9e4664dd747aa9a74",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Wifi/+/68abe8f2737d6fd3c0a0ccf9e4664dd747aa9a74"
    ],
    "spl": "2023-03-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/packages/modules/Wifi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-03-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "264168491459372532987784367660727173796",
                    "214874892743754442154171900363694655676",
                    "339229000768410771364063529012028771767",
                    "278469412983377988081497849109025267503",
                    "106974296970616176305199293702551927463",
                    "153158301726473207208685587493976418067",
                    "106818876907567897823183539682340642235",
                    "183231353652488867236144785869659977889"
                ]
            },
            "id": "ASB-A-246539931-016a1380",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/331c1006829f58939a24b787b949f8a62e4681ce",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 991.0,
                "function_hash": "230696396806453930136104640242750648325"
            },
            "id": "ASB-A-246539931-36ceaa52",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/331c1006829f58939a24b787b949f8a62e4681ce",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java",
                "function": "validateForCommonR1andR2"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Wifi/+/331c1006829f58939a24b787b949f8a62e4681ce"
    ],
    "spl": "2023-03-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/packages/modules/Wifi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-03-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "264168491459372532987784367660727173796",
                    "214874892743754442154171900363694655676",
                    "339229000768410771364063529012028771767",
                    "278469412983377988081497849109025267503",
                    "106974296970616176305199293702551927463",
                    "153158301726473207208685587493976418067",
                    "106818876907567897823183539682340642235",
                    "183231353652488867236144785869659977889"
                ]
            },
            "id": "ASB-A-246539931-31036a86",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/2e0196f10caaba981ec595d4c67a820eb802f74b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 991.0,
                "function_hash": "230696396806453930136104640242750648325"
            },
            "id": "ASB-A-246539931-9618a544",
            "source": "https://android.googlesource.com/platform/packages/modules/Wifi/+/2e0196f10caaba981ec595d4c67a820eb802f74b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "framework/java/android/net/wifi/hotspot2/PasspointConfiguration.java",
                "function": "validateForCommonR1andR2"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Wifi/+/2e0196f10caaba981ec595d4c67a820eb802f74b"
    ],
    "spl": "2023-03-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}