{"id":"ASB-A-169255797", "published":"2021-06-01T00:00:00Z", "modified":"2026-07-03T16:08:45.503432344Z", "aliases":["CVE-2021-0478", "A-169255797"], "details":"In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.1:0"}, {"fixed":"8.1:2021-06-05"}]}], "versions":["8.1"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6", "https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05"], "severity":"High", "spl":"2021-06-05", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["42020041142383304235704306891537256141", "289934566830103813684344594208716515753", "294823526023680949263775857811810283566", "58840809258217128192670445423050767198", "114505818128068924874392892140143823310", "200823653085316894711538114895378009509", "116627824074158765931383902233516993180"], "threshold":0.9}, "id":"ASB-A-169255797-273d510b", "match_only_versions":["8.1"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"function_hash":"238518792499284688356094374625581676253", "length":603}, "id":"ASB-A-169255797-acc20021", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"function_hash":"230009974099059748614225976415562516999", "length":442}, "id":"ASB-A-169255797-b027e0f8", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/5791303c20964bcf83eb1a046f3ce256e10d43c6", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"line_hashes":["209994878309430805395706290204032689098", "125461065251237585907190888088422299913", "224624817943320447785708540466415237733", "71208829877305823311535501649155661884", "206844852653315512871748239391478303695", "264794641393320405473911995224949025240", "229794932618266376197057428186312067384", "9888884701803256020115703459151666033", "248118567324138200637685791802372116318", "176566262648722621492230475312950332568", "73147827167205304033947538896651956086", "157528758180396483875238243954832899485", "115818958425564811982751823721669419214", "2408185724002910366505306683815659384"], "threshold":0.9}, "id":"ASB-A-169255797-bc473c40", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/8875da5207678f41b6ec90800d1bf2d03327bd05", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-06-05"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee", "https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d"], "severity":"High", "spl":"2021-06-05", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"230009974099059748614225976415562516999", "length":442}, "id":"ASB-A-169255797-84402102", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"function_hash":"238518792499284688356094374625581676253", "length":603}, "id":"ASB-A-169255797-8542a610", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"line_hashes":["42020041142383304235704306891537256141", "289934566830103813684344594208716515753", "294823526023680949263775857811810283566", "58840809258217128192670445423050767198", "114505818128068924874392892140143823310", "200823653085316894711538114895378009509", "116627824074158765931383902233516993180"], "threshold":0.9}, "id":"ASB-A-169255797-bbb44a04", "match_only_versions":["9"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/c508aed10f739352a7bbf005dea2cb672e74b1ee", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"line_hashes":["167682451478170391322088494545066908104", "125461065251237585907190888088422299913", "224624817943320447785708540466415237733", "71208829877305823311535501649155661884", "206844852653315512871748239391478303695", "264794641393320405473911995224949025240", "229794932618266376197057428186312067384", "9888884701803256020115703459151666033", "248118567324138200637685791802372116318", "176566262648722621492230475312950332568", "73147827167205304033947538896651956086", "157528758180396483875238243954832899485", "115818958425564811982751823721669419214", "2408185724002910366505306683815659384"], "threshold":0.9}, "id":"ASB-A-169255797-eca68dca", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/00b65a29631032fb3d7710f5c5a13d0a15fdda5d", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-06-05"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a", "https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0"], "severity":"High", "spl":"2021-06-05", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["42020041142383304235704306891537256141", "289934566830103813684344594208716515753", "294823526023680949263775857811810283566", "58840809258217128192670445423050767198", "114505818128068924874392892140143823310", "200823653085316894711538114895378009509", "116627824074158765931383902233516993180"], "threshold":0.9}, "id":"ASB-A-169255797-4d060390", "match_only_versions":["10"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"line_hashes":["167682451478170391322088494545066908104", "125461065251237585907190888088422299913", "224624817943320447785708540466415237733", "71208829877305823311535501649155661884", "206844852653315512871748239391478303695", "264794641393320405473911995224949025240", "229794932618266376197057428186312067384", "9888884701803256020115703459151666033", "248118567324138200637685791802372116318", "176566262648722621492230475312950332568", "73147827167205304033947538896651956086", "157528758180396483875238243954832899485", "115818958425564811982751823721669419214", "2408185724002910366505306683815659384"], "threshold":0.9}, "id":"ASB-A-169255797-70562fff", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"function_hash":"238518792499284688356094374625581676253", "length":603}, "id":"ASB-A-169255797-fa2319a1", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/92106a58df860553ecab2adb8a6e60e53a8a31e0", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"function_hash":"230009974099059748614225976415562516999", "length":442}, "id":"ASB-A-169255797-fecc3ae0", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/46ada71fbcb36c624ff29a3cd734775bc4853e6a", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-06-05"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77", "https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3"], "severity":"High", "spl":"2021-06-05", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["42020041142383304235704306891537256141", "289934566830103813684344594208716515753", "294823526023680949263775857811810283566", "58840809258217128192670445423050767198", "114505818128068924874392892140143823310", "200823653085316894711538114895378009509", "116627824074158765931383902233516993180"], "threshold":0.9}, "id":"ASB-A-169255797-25712e80", "match_only_versions":["11"], "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"function_hash":"238518792499284688356094374625581676253", "length":603}, "id":"ASB-A-169255797-4f41ae06", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}, {"deprecated":false, "digest":{"line_hashes":["167682451478170391322088494545066908104", "125461065251237585907190888088422299913", "224624817943320447785708540466415237733", "71208829877305823311535501649155661884", "206844852653315512871748239391478303695", "264794641393320405473911995224949025240", "229794932618266376197057428186312067384", "9888884701803256020115703459151666033", "248118567324138200637685791802372116318", "176566262648722621492230475312950332568", "73147827167205304033947538896651956086", "157528758180396483875238243954832899485", "115818958425564811982751823721669419214", "2408185724002910366505306683815659384"], "threshold":0.9}, "id":"ASB-A-169255797-768f5d7a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/001d4e68bbebc14132a13b21c38c5fb6af9034a3", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java"}}, {"deprecated":false, "digest":{"function_hash":"230009974099059748614225976415562516999", "length":442}, "id":"ASB-A-169255797-ac41a920", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/def75584a3f1a375685f1520fe5df506e8dcfa77", "target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/StatusBarIconView.java", "function":"updateDrawable"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-06-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/bca2b3aeabd164c1cf4bdc113366665976b0c831"}]}