{"id":"ASB-A-177927831", "published":"2021-09-01T00:00:00Z", "modified":"2026-07-03T16:08:45.503432344Z", "aliases":["CVE-2021-0686", "A-177927831"], "details":"In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-09-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/0abccabffee50a3960d0e116651921530c9d20c7"], "severity":"High", "spl":"2021-09-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["239331090064650673413593309300806766034", "337928780611741149121173800763509871368", "191803898202686235053355730535849549756", "263416126612021795030949025958055751121"], "threshold":0.9}, "id":"ASB-A-177927831-3cdd312b", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/0abccabffee50a3960d0e116651921530c9d20c7", "target":{"file":"services/core/java/com/android/server/role/RoleManagerService.java"}}, {"deprecated":false, "digest":{"function_hash":"63133779015042464932094184556174830516", "length":202}, "id":"ASB-A-177927831-ee12b4d2", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/0abccabffee50a3960d0e116651921530c9d20c7", "target":{"file":"services/core/java/com/android/server/role/RoleManagerService.java", "function":"getDefaultSmsPackage"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-09-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/cf1bd25a37123624688f9965608a48d362ab4eb0"], "severity":"High", "spl":"2021-09-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["239331090064650673413593309300806766034", "337928780611741149121173800763509871368", "191803898202686235053355730535849549756", "263416126612021795030949025958055751121"], "threshold":0.9}, "id":"ASB-A-177927831-0682b9dd", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/cf1bd25a37123624688f9965608a48d362ab4eb0", "target":{"file":"services/core/java/com/android/server/role/RoleManagerService.java"}}, {"deprecated":false, "digest":{"function_hash":"63133779015042464932094184556174830516", "length":202}, "id":"ASB-A-177927831-908143a7", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/cf1bd25a37123624688f9965608a48d362ab4eb0", "target":{"file":"services/core/java/com/android/server/role/RoleManagerService.java", "function":"getDefaultSmsPackage"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-09-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/7f39ba09b8ccad2ae50874d3643cdc93746391ea"}]}