ASB-A-370477460

See a problem?
Import Source
https://storage.googleapis.com/android-osv-test/ASB-A-370477460.json
JSON Data
https://api.test.osv.dev/v1/vulns/ASB-A-370477460
Aliases
  • A-370477460
  • CVE-2025-26437
Published
2025-06-01T00:00:00Z
Modified
2025-08-07T04:57:15.411656Z
Summary
[none]
Details

In CredentialManagerServiceStub of CredentialManagerService.java, there is a possible way to retrieve candidate credentials due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16-next:0
Fixed
16-next:2025-06-01

Affected versions

Other

16-next

Ecosystem specific 

{
    "spl": "2025-06-01",
    "vanir_signatures": [
        {
            "id": "ASB-A-370477460-7728e348",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "138577848234341603437095609589561053688",
                    "55991586641641286659296986824021752837",
                    "68858622012237976314078123664975942140",
                    "18481188494246600912364260583610353341",
                    "236757797298643586277567079489527692433",
                    "260400859541391930397799917262971480305",
                    "89796163820097067758905871865778352977",
                    "152470181634356134627737138537383340738",
                    "339794184165844137590346342789191757060",
                    "70771956055940442514103611574301114154",
                    "274392003005117655454855067371589433834",
                    "207043211942330825131371115835424927412",
                    "142280056840589166469166032296599249750",
                    "85859684829694125647308804128709788831",
                    "286874114293666114362091820468029395819",
                    "268613525113223715935043355059855888777"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/571a97ade14d3e008172a1c084bf7331f6fc8875",
            "signature_version": "v1",
            "deprecated": false
        },
        {
            "id": "ASB-A-370477460-917a26fe",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "294556720075634146300425597340122841828",
                    "90793012494006606017258158541640781365",
                    "97749042758621175815391654306987194832",
                    "101960069846889984910234314243966121830",
                    "320810386766007999778854466970094456268",
                    "333625407339821920590291403358576209553",
                    "75647674855785864753358257927490063485",
                    "17805037355155651898019607365927712338",
                    "158402834976305611152794025531879690734",
                    "336497536153595433765840726211008102575",
                    "165321994036957312199336791105738289515",
                    "294760754193077874303212972921049950708",
                    "267794578826483153022066567197407972603",
                    "311542086325215696765338073257917747731",
                    "325035756328539981777024368496728811270",
                    "278335170656956473724740197892661750046",
                    "122172033690423233593368373914572717772",
                    "189787889139512175614560825707538111501",
                    "132321631012410350267449429669554266755",
                    "295735070461910487940551481179063697500",
                    "206211708640655668920721024898383145301",
                    "290511400841065439310849293791419456168",
                    "144314226689992780204890886075485089777",
                    "158397633145467768248259303451638145780",
                    "240563913664550238722470443331662439133",
                    "309995766658977711564242172513886115116",
                    "48410371029172638552172612027336219906",
                    "209887081086163599045060986967779441814",
                    "23572457626973554471107450708832384939",
                    "132790166677659262632644919723658733797",
                    "320699273051755864104454535962759683845",
                    "157073551821047431470484239279069548756",
                    "120390902282659605038760987506940073851"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/b3d70aab1515d583aeebbcb6440f6c790502bc8f",
            "signature_version": "v1",
            "deprecated": false
        },
        {
            "id": "ASB-A-370477460-a5393f29",
            "signature_type": "Function",
            "digest": {
                "length": 1064.0,
                "function_hash": "85506144085095692283384990131351925646"
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java",
                "function": "getCandidateCredentials"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/571a97ade14d3e008172a1c084bf7331f6fc8875",
            "signature_version": "v1",
            "deprecated": false
        },
        {
            "id": "ASB-A-370477460-c54a4b8e",
            "signature_type": "Function",
            "digest": {
                "length": 1862.0,
                "function_hash": "54443720056020423120503886143177111405"
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java",
                "function": "getCandidateCredentials"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/b3d70aab1515d583aeebbcb6440f6c790502bc8f",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ],
    "severity": "High",
    "fixes": [
        "https://googleplex-android.googlesource.com/platform/frameworks/base/+/3f41ea90fa99f63759dc7bebf3a14256a4a3145c",
        "https://googleplex-android.googlesource.com/platform/frameworks/base/+/571a97ade14d3e008172a1c084bf7331f6fc8875",
        "https://googleplex-android.googlesource.com/platform/frameworks/base/+/b3d70aab1515d583aeebbcb6440f6c790502bc8f"
    ]
}

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-06-01

Affected versions

Other

15

Ecosystem specific 

{
    "spl": "2025-06-01",
    "vanir_signatures": [
        {
            "id": "ASB-A-370477460-083aea63",
            "signature_type": "Function",
            "digest": {
                "length": 1064.0,
                "function_hash": "85506144085095692283384990131351925646"
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java",
                "function": "getCandidateCredentials"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/e61320b6fcca1b6f0fe60078cc27fcc844a63f12",
            "signature_version": "v1",
            "deprecated": false
        },
        {
            "id": "ASB-A-370477460-be52466b",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "138577848234341603437095609589561053688",
                    "55991586641641286659296986824021752837",
                    "68858622012237976314078123664975942140",
                    "18481188494246600912364260583610353341",
                    "339794184165844137590346342789191757060",
                    "70771956055940442514103611574301114154",
                    "274392003005117655454855067371589433834",
                    "207043211942330825131371115835424927412",
                    "142280056840589166469166032296599249750",
                    "85859684829694125647308804128709788831",
                    "286874114293666114362091820468029395819",
                    "268613525113223715935043355059855888777"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "services/credentials/java/com/android/server/credentials/CredentialManagerService.java"
            },
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/e61320b6fcca1b6f0fe60078cc27fcc844a63f12",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ],
    "severity": "High",
    "fixes": [
        "https://googleplex-android.googlesource.com/platform/frameworks/base/+/e61320b6fcca1b6f0fe60078cc27fcc844a63f12"
    ]
}