In multiple locations, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "154024289320809624274946460578804696757", "151588659087965012770835819375748979376", "280364402766476244468737029756931468904", "11057617847484421365866785521485864046", "308960376137552327290394868068852179052" ] }, "id": "ASB-A-272020068-03f41490", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java" }, "signature_type": "Line" }, { "digest": { "length": 673.0, "function_hash": "81702766632057871562352111814049922870" }, "id": "ASB-A-272020068-4bb9dbd2", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java", "function": "onWalletCardsRetrieved" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "184641559218894618212227008777356932071", "258488567682341411313240920445946856462", "288065892403114452316990344918332207873", "86684942475027882702316005456625254702" ] }, "id": "ASB-A-272020068-63eb63b2", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java" }, "signature_type": "Line" }, { "digest": { "length": 235.0, "function_hash": "321485103869401293967141542063908118035" }, "id": "ASB-A-272020068-c7ef98a4", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java", "function": "QAWalletCardViewInfo" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c" ], "spl": "2023-08-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "match_only_versions": [ "11" ], "digest": { "length": 239.0, "function_hash": "245266871400380683230443391127046152544" }, "id": "ASB-A-272020068-141d9e90", "source": "https://android.googlesource.com/platform/packages/apps/QuickAccessWallet/+/36284852414f25d2977100fc98d1b1db4f7e6482", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/systemui/plugin/globalactions/wallet/WalletPanelViewController.java", "function": "QAWalletCardViewInfo" }, "signature_type": "Function" }, { "match_only_versions": [ "11" ], "digest": { "threshold": 0.9, "line_hashes": [ "73742276252965827634920533043700763320", "240890450615297895378835783092766574491", "193037111863378980735374553742452417935", "40472249060584533601300591027013008216", "275951776690968169302265799332597296180", "176061753774235849630070741735145956856", "181051966795297764024482497327111189936", "56247703958925250325187635788824166336" ] }, "id": "ASB-A-272020068-d70b157c", "source": "https://android.googlesource.com/platform/packages/apps/QuickAccessWallet/+/36284852414f25d2977100fc98d1b1db4f7e6482", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/systemui/plugin/globalactions/wallet/WalletPanelViewController.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/QuickAccessWallet/+/36284852414f25d2977100fc98d1b1db4f7e6482" ], "spl": "2023-08-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "length": 673.0, "function_hash": "81702766632057871562352111814049922870" }, "id": "ASB-A-272020068-57912457", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java", "function": "onWalletCardsRetrieved" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "154024289320809624274946460578804696757", "151588659087965012770835819375748979376", "280364402766476244468737029756931468904", "11057617847484421365866785521485864046", "308960376137552327290394868068852179052" ] }, "id": "ASB-A-272020068-8bd98fb8", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java" }, "signature_type": "Line" }, { "digest": { "threshold": 0.9, "line_hashes": [ "184641559218894618212227008777356932071", "258488567682341411313240920445946856462", "288065892403114452316990344918332207873", "86684942475027882702316005456625254702" ] }, "id": "ASB-A-272020068-bd6f8cd6", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java" }, "signature_type": "Line" }, { "digest": { "length": 235.0, "function_hash": "321485103869401293967141542063908118035" }, "id": "ASB-A-272020068-dbe5c40b", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java", "function": "QAWalletCardViewInfo" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c" ], "spl": "2023-08-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "184641559218894618212227008777356932071", "258488567682341411313240920445946856462", "288065892403114452316990344918332207873", "86684942475027882702316005456625254702" ] }, "id": "ASB-A-272020068-07a8563b", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java" }, "signature_type": "Line" }, { "digest": { "length": 673.0, "function_hash": "81702766632057871562352111814049922870" }, "id": "ASB-A-272020068-0bb643a7", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java", "function": "onWalletCardsRetrieved" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "154024289320809624274946460578804696757", "151588659087965012770835819375748979376", "280364402766476244468737029756931468904", "11057617847484421365866785521485864046", "308960376137552327290394868068852179052" ] }, "id": "ASB-A-272020068-bb06105e", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java" }, "signature_type": "Line" }, { "digest": { "length": 235.0, "function_hash": "321485103869401293967141542063908118035" }, "id": "ASB-A-272020068-d039ff23", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java", "function": "QAWalletCardViewInfo" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c" ], "spl": "2023-08-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "length": 673.0, "function_hash": "81702766632057871562352111814049922870" }, "id": "ASB-A-272020068-9feddd9a", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java", "function": "onWalletCardsRetrieved" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "154024289320809624274946460578804696757", "151588659087965012770835819375748979376", "280364402766476244468737029756931468904", "11057617847484421365866785521485864046", "308960376137552327290394868068852179052" ] }, "id": "ASB-A-272020068-c8554155", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/qs/tiles/QuickAccessWalletTile.java" }, "signature_type": "Line" }, { "digest": { "length": 235.0, "function_hash": "321485103869401293967141542063908118035" }, "id": "ASB-A-272020068-ef3b032e", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java", "function": "QAWalletCardViewInfo" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "184641559218894618212227008777356932071", "258488567682341411313240920445946856462", "288065892403114452316990344918332207873", "86684942475027882702316005456625254702" ] }, "id": "ASB-A-272020068-eff5af57", "source": "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c", "deprecated": false, "signature_version": "v1", "target": { "file": "packages/SystemUI/src/com/android/systemui/wallet/ui/WalletScreenController.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/ff753ae693065685d85bbda6af2953905fdf434c" ], "spl": "2023-08-01", "severity": "High", "types": [ "ID" ] }