ASB-A-257030107

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-257030107.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-257030107
Aliases
  • A-257030107
  • CVE-2023-21082
Published
2023-04-01T00:00:00Z
Modified
2024-08-07T19:29:53.045818Z
Summary
Contact data enumeration using undocumented feature in TelecomManager.placeCall
Details

In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-04-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 441.0,
                "function_hash": "25650367202118149377194985008445113167"
            },
            "id": "ASB-A-257030107-4ffd9e2e",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java",
                "function": "getNumberFromCallIntent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327619331133315666563816080453806279531",
                    "32318420182758874816211085765289972831",
                    "110281608545597591164431212138094532539",
                    "205695334337411931340614792260803245969",
                    "337691025631713075387907201661943463651"
                ]
            },
            "id": "ASB-A-257030107-cfe5498b",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964"
    ],
    "spl": "2023-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-04-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327619331133315666563816080453806279531",
                    "32318420182758874816211085765289972831",
                    "110281608545597591164431212138094532539",
                    "205695334337411931340614792260803245969",
                    "337691025631713075387907201661943463651"
                ]
            },
            "id": "ASB-A-257030107-25fd71ec",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 441.0,
                "function_hash": "25650367202118149377194985008445113167"
            },
            "id": "ASB-A-257030107-e3a85c8c",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java",
                "function": "getNumberFromCallIntent"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf"
    ],
    "spl": "2023-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-04-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 441.0,
                "function_hash": "25650367202118149377194985008445113167"
            },
            "id": "ASB-A-257030107-425f4601",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java",
                "function": "getNumberFromCallIntent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327619331133315666563816080453806279531",
                    "32318420182758874816211085765289972831",
                    "110281608545597591164431212138094532539",
                    "205695334337411931340614792260803245969",
                    "337691025631713075387907201661943463651"
                ]
            },
            "id": "ASB-A-257030107-5fc5ac0c",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038"
    ],
    "spl": "2023-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-04-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327619331133315666563816080453806279531",
                    "32318420182758874816211085765289972831",
                    "110281608545597591164431212138094532539",
                    "205695334337411931340614792260803245969",
                    "337691025631713075387907201661943463651"
                ]
            },
            "id": "ASB-A-257030107-4959307f",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 441.0,
                "function_hash": "25650367202118149377194985008445113167"
            },
            "id": "ASB-A-257030107-cd06d5b9",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java",
                "function": "getNumberFromCallIntent"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0"
    ],
    "spl": "2023-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/services/Telecomm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-04-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 441.0,
                "function_hash": "25650367202118149377194985008445113167"
            },
            "id": "ASB-A-257030107-20a54918",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java",
                "function": "getNumberFromCallIntent"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327619331133315666563816080453806279531",
                    "32318420182758874816211085765289972831",
                    "110281608545597591164431212138094532539",
                    "205695334337411931340614792260803245969",
                    "337691025631713075387907201661943463651"
                ]
            },
            "id": "ASB-A-257030107-311e5964",
            "source": "https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1"
    ],
    "spl": "2023-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}