{"id":"ASB-A-197302116", "published":"2022-05-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2021-39662", "A-197302116"], "details":"In checkUriPermission of MediaProvider.java , there is a possible way to gain access to the content of media provider collections due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/providers/MediaProvider", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2022-05-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/a728dfa19c2601b576a718fd9f79916bccd07c0e"], "severity":"High", "spl":"2022-05-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"4474091377632993188748744114478412065", "length":706}, "id":"ASB-A-197302116-8466e10a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/a728dfa19c2601b576a718fd9f79916bccd07c0e", "target":{"file":"src/com/android/providers/media/MediaProvider.java", "function":"checkCallingPermissionGlobal"}}, {"deprecated":false, "digest":{"line_hashes":["25127089540446830365776893669670367074", "52654365560282741827295200764621425196", "26300234619064364160552495580696396765", "234892767815313923050612973569646278697"], "threshold":0.9}, "id":"ASB-A-197302116-bed77eec", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/a728dfa19c2601b576a718fd9f79916bccd07c0e", "target":{"file":"src/com/android/providers/media/MediaProvider.java"}}]}}, {"package":{"name":"platform/packages/providers/MediaProvider", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2022-05-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/76f725361312644461b9021380ba4d0d9d32108e"], "severity":"High", "spl":"2022-05-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"77917397673266524374997186027548272186", "length":473}, "id":"ASB-A-197302116-82cb918e", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/76f725361312644461b9021380ba4d0d9d32108e", "target":{"file":"src/com/android/providers/media/MediaProvider.java", "function":"checkCallingPermissionGlobal"}}, {"deprecated":false, "digest":{"line_hashes":["179488332357500760464235199868250000541", "187478289198325735826983537232858024645", "120491782560672794494210877229389813743", "92600504435141915104528076797454285329", "127963006318052941156864521487158640799", "73548561541516981385917645259986818141", "285244454391137702933056196617636423388", "266185567679167196513501867627317679055", "182525984290406380742302441291159798810", "68813998502226990251331405337490877221", "8323709720999923258340560131546100764", "58667546572850305526766049867153733009", "186725081679960081437720087514013561272", "226549758348081416692860462691351302638", "25127089540446830365776893669670367074", "52654365560282741827295200764621425196", "170003878977492606213118720174031857260", "155206640671181671793224228347242975948"], "threshold":0.9}, "id":"ASB-A-197302116-9d38cdcb", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/76f725361312644461b9021380ba4d0d9d32108e", "target":{"file":"src/com/android/providers/media/MediaProvider.java"}}, {"deprecated":false, "digest":{"function_hash":"265008385440246623604938998864186753709", "length":1361}, "id":"ASB-A-197302116-e8214d8c", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/76f725361312644461b9021380ba4d0d9d32108e", "target":{"file":"src/com/android/providers/media/MediaProvider.java", "function":"checkUriPermission"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-05-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/76f725361312644461b9021380ba4d0d9d32108e"}]}