ASB-A-204554636
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/ASB-A-204554636.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ASB-A-204554636
- Aliases
-
- A-204554636
- CVE-2023-21251
- Published
- 2023-07-01T00:00:00Z
- Modified
- 2024-09-19T16:28:09.722156Z
- Summary
- [none]
- Details
-
In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145373771042164556996771149622582879012",
"24636754910974746069700459186663919618",
"326234218199829961080075757843262507119",
"105015208742246265341421018256333807062",
"166355223769682688963013329796122566656",
"168307183693897523185429861834317917850",
"103251528818213452428199846706659183762",
"111653476538621833577321990280604039598",
"286508034715687416815902777443473931615",
"162613915125627456214910489658814519700",
"144919357334328606891790452899809402101",
"38847783066338723770983429311212328665",
"141895921643524409842883632693066453511",
"199021372446020653731715243387323906904",
"75337070440335373284258608706725168817",
"245725184770043276946333140717043279086",
"240527664481320037249160293348804274006",
"37835034154458307316701331179130916379",
"256115488171731255894976367665604958049",
"312714771524737258213116446694331489521",
"125018773370956130829368696906060563656"
]
},
"id": "ASB-A-204554636-762baac7",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1245.0,
"function_hash": "115608134351162845168536617605718796219"
},
"id": "ASB-A-204554636-7cedee7f",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java",
"function": "onCreate"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab"
],
"spl": "2023-07-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1245.0,
"function_hash": "115608134351162845168536617605718796219"
},
"id": "ASB-A-204554636-80f63b0e",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145373771042164556996771149622582879012",
"24636754910974746069700459186663919618",
"326234218199829961080075757843262507119",
"105015208742246265341421018256333807062",
"166355223769682688963013329796122566656",
"168307183693897523185429861834317917850",
"103251528818213452428199846706659183762",
"111653476538621833577321990280604039598",
"286508034715687416815902777443473931615",
"162613915125627456214910489658814519700",
"144919357334328606891790452899809402101",
"38847783066338723770983429311212328665",
"141895921643524409842883632693066453511",
"199021372446020653731715243387323906904",
"75337070440335373284258608706725168817",
"245725184770043276946333140717043279086",
"240527664481320037249160293348804274006",
"37835034154458307316701331179130916379",
"256115488171731255894976367665604958049",
"312714771524737258213116446694331489521",
"125018773370956130829368696906060563656"
]
},
"id": "ASB-A-204554636-be0a78c8",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"https://android.googlesource.com/platform/frameworks/base/+/2fe87df11e447755351c1934bcbae5f2f870950d"
],
"spl": "2023-07-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1245.0,
"function_hash": "115608134351162845168536617605718796219"
},
"id": "ASB-A-204554636-87092c0e",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145373771042164556996771149622582879012",
"24636754910974746069700459186663919618",
"326234218199829961080075757843262507119",
"105015208742246265341421018256333807062",
"166355223769682688963013329796122566656",
"168307183693897523185429861834317917850",
"103251528818213452428199846706659183762",
"111653476538621833577321990280604039598",
"286508034715687416815902777443473931615",
"162613915125627456214910489658814519700",
"144919357334328606891790452899809402101",
"38847783066338723770983429311212328665",
"141895921643524409842883632693066453511",
"199021372446020653731715243387323906904",
"75337070440335373284258608706725168817",
"245725184770043276946333140717043279086",
"240527664481320037249160293348804274006",
"37835034154458307316701331179130916379",
"256115488171731255894976367665604958049",
"312714771524737258213116446694331489521",
"125018773370956130829368696906060563656"
]
},
"id": "ASB-A-204554636-eda1d7f1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab"
],
"spl": "2023-07-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145373771042164556996771149622582879012",
"24636754910974746069700459186663919618",
"326234218199829961080075757843262507119",
"105015208742246265341421018256333807062",
"166355223769682688963013329796122566656",
"168307183693897523185429861834317917850",
"103251528818213452428199846706659183762",
"111653476538621833577321990280604039598",
"286508034715687416815902777443473931615",
"162613915125627456214910489658814519700",
"144919357334328606891790452899809402101",
"38847783066338723770983429311212328665",
"141895921643524409842883632693066453511",
"199021372446020653731715243387323906904",
"75337070440335373284258608706725168817",
"245725184770043276946333140717043279086",
"240527664481320037249160293348804274006",
"37835034154458307316701331179130916379",
"256115488171731255894976367665604958049",
"312714771524737258213116446694331489521",
"125018773370956130829368696906060563656"
]
},
"id": "ASB-A-204554636-11c64afc",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1245.0,
"function_hash": "115608134351162845168536617605718796219"
},
"id": "ASB-A-204554636-c4cc1939",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java",
"function": "onCreate"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab"
],
"spl": "2023-07-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1245.0,
"function_hash": "115608134351162845168536617605718796219"
},
"id": "ASB-A-204554636-0098e198",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java",
"function": "onCreate"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"145373771042164556996771149622582879012",
"24636754910974746069700459186663919618",
"326234218199829961080075757843262507119",
"105015208742246265341421018256333807062",
"166355223769682688963013329796122566656",
"168307183693897523185429861834317917850",
"103251528818213452428199846706659183762",
"111653476538621833577321990280604039598",
"286508034715687416815902777443473931615",
"162613915125627456214910489658814519700",
"144919357334328606891790452899809402101",
"38847783066338723770983429311212328665",
"141895921643524409842883632693066453511",
"199021372446020653731715243387323906904",
"75337070440335373284258608706725168817",
"245725184770043276946333140717043279086",
"240527664481320037249160293348804274006",
"37835034154458307316701331179130916379",
"256115488171731255894976367665604958049",
"312714771524737258213116446694331489521",
"125018773370956130829368696906060563656"
]
},
"id": "ASB-A-204554636-0432fde6",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "packages/VpnDialogs/src/com/android/vpndialogs/ConfirmDialog.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2178216b98bf9865edee198f45192f0b883624ab"
],
"spl": "2023-07-01",
"severity": "High",
"types": [
"EoP"
]
}