ASB-A-246930197

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-246930197.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-246930197
Aliases
  • A-246930197
  • CVE-2023-20915
Published
2023-01-01T00:00:00Z
Modified
2024-08-07T19:29:09.936283Z
Summary
Bypassing user interaction in phone account settings using duplicate registrations
Details

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2023-01-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "191428692203036891169269300380680344143",
                    "305963955621783784079010971334283190300",
                    "231937022321262630737638667408264917040",
                    "30059492216483856241252130697164868327",
                    "30989866934288147854260478263194178250",
                    "246599949515326332313875382405265635151",
                    "144809233204552012888156017442822400605",
                    "307858737469835196967996439899724714477",
                    "323505246576253047233690915617918370188",
                    "94267112810260165008156102103583574617",
                    "61719318870431928839500994345877224039"
                ]
            },
            "id": "ASB-A-246930197-9d2dc72f",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1208.0,
                "function_hash": "25179276169845475851998020789918765667"
            },
            "id": "ASB-A-246930197-c46a83ee",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java",
                "function": "addOrReplacePhoneAccount"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-01-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 1208.0,
                "function_hash": "25179276169845475851998020789918765667"
            },
            "id": "ASB-A-246930197-415780d9",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java",
                "function": "addOrReplacePhoneAccount"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "191428692203036891169269300380680344143",
                    "305963955621783784079010971334283190300",
                    "231937022321262630737638667408264917040",
                    "30059492216483856241252130697164868327",
                    "30989866934288147854260478263194178250",
                    "246599949515326332313875382405265635151",
                    "144809233204552012888156017442822400605",
                    "307858737469835196967996439899724714477",
                    "323505246576253047233690915617918370188",
                    "94267112810260165008156102103583574617",
                    "61719318870431928839500994345877224039"
                ]
            },
            "id": "ASB-A-246930197-aa796bb5",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-01-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "191428692203036891169269300380680344143",
                    "305963955621783784079010971334283190300",
                    "231937022321262630737638667408264917040",
                    "30059492216483856241252130697164868327",
                    "30989866934288147854260478263194178250",
                    "246599949515326332313875382405265635151",
                    "144809233204552012888156017442822400605",
                    "307858737469835196967996439899724714477",
                    "323505246576253047233690915617918370188",
                    "94267112810260165008156102103583574617",
                    "61719318870431928839500994345877224039"
                ]
            },
            "id": "ASB-A-246930197-54e0de9d",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1208.0,
                "function_hash": "25179276169845475851998020789918765667"
            },
            "id": "ASB-A-246930197-68cefce6",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java",
                "function": "addOrReplacePhoneAccount"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/833dd8480adc773e36d388521a14fd8cd11d6a30"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-01-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "191428692203036891169269300380680344143",
                    "305963955621783784079010971334283190300",
                    "231937022321262630737638667408264917040",
                    "30059492216483856241252130697164868327",
                    "30989866934288147854260478263194178250",
                    "246599949515326332313875382405265635151",
                    "144809233204552012888156017442822400605",
                    "307858737469835196967996439899724714477",
                    "323505246576253047233690915617918370188",
                    "94267112810260165008156102103583574617",
                    "61719318870431928839500994345877224039"
                ]
            },
            "id": "ASB-A-246930197-115ff6bb",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1208.0,
                "function_hash": "25179276169845475851998020789918765667"
            },
            "id": "ASB-A-246930197-7dbea486",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java",
                "function": "addOrReplacePhoneAccount"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-01-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "191428692203036891169269300380680344143",
                    "305963955621783784079010971334283190300",
                    "231937022321262630737638667408264917040",
                    "30059492216483856241252130697164868327",
                    "30989866934288147854260478263194178250",
                    "246599949515326332313875382405265635151",
                    "144809233204552012888156017442822400605",
                    "307858737469835196967996439899724714477",
                    "323505246576253047233690915617918370188",
                    "94267112810260165008156102103583574617",
                    "61719318870431928839500994345877224039"
                ]
            },
            "id": "ASB-A-246930197-050ea465",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1208.0,
                "function_hash": "25179276169845475851998020789918765667"
            },
            "id": "ASB-A-246930197-7e352d69",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/PhoneAccountRegistrar.java",
                "function": "addOrReplacePhoneAccount"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/ce3216cbde1a2f0a7912f027aeb0c30316613116"
    ],
    "spl": "2023-01-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}