{"id":"ASB-A-173516292", "published":"2021-03-01T00:00:00Z", "modified":"2026-07-09T15:25:53.339171538Z", "aliases":["CVE-2021-0398", "A-173516292"], "details":"In bindServiceLocked of ActiveServices.java, there is a possible foreground service launch due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-03-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/346eed7325d47d8ed453266f613ccad1b4260c67"], "severity":"High", "spl":"2021-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["46657084538387849533944631815197919217", "47803475466121584270395261921658142216", "325918187691313744359344816494729576235", "46207463645185604187358240881502935609", "212415327302070702842023323770887400432", "204056559447767789702109303082000156033", "135899159215090478448400128713970787417", "182964643636145093120348097289165869351", "201550163361731024068827617901769592978", "315740194190424031421019704638430746077", "336117248943473332956640422116513598436", "106590248190747635384740111683352473257", "52356696497704768067711121757423229908", "120697212463837394021962999978214849985", "212914515693124471693583988919464012393", "18649316088864075031835478651040952120", "87839660511738554063841205899809150621", "239583940396793379342810145791881020006", "117503452871507258936039460840083974837", "265706925819919134868044648462525895222", "264522092230601654869664229000741541544", "44211122793710376604627864748325956064", "151707582720249119892140907019491500752", "165829670483738598843995359607900298889", "130783869705264918515742247521380028544", "72615421560285096450291495286415369943", "190474129498769125019003505329062172549", "132992127263009375973838486634561148475", "14664298674835248078276460591351107462", "261832021811408453183252110870323373164", "93367200225942335707699394487670202123"], "threshold":0.9}, "id":"ASB-A-173516292-976cc818", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/346eed7325d47d8ed453266f613ccad1b4260c67", "target":{"file":"services/core/java/com/android/server/am/ActiveServices.java"}}, {"deprecated":false, "digest":{"function_hash":"82762604621208875701319605722102975225", "length":7657}, "id":"ASB-A-173516292-9b0b9284", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/346eed7325d47d8ed453266f613ccad1b4260c67", "target":{"file":"services/core/java/com/android/server/am/ActiveServices.java", "function":"bindServiceLocked"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-03-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/86bd39db3595842bae77abe7e768226e412591c8"}]}