{"id":"PUB-A-186530496", "published":"2021-12-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2021-1015", "A-186530496"], "details":"In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/services/Telephony", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2021-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43"], "severity":"Moderate", "spl":"2021-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"10822759049352567642747153906422883886", "length":407}, "id":"PUB-A-186530496-1cfdcf65", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43", "target":{"file":"src/com/android/phone/PhoneInterfaceManager.java", "function":"getMeidForSlot"}}, {"deprecated":false, "digest":{"line_hashes":["3624794149131407946608626928582215615", "178326841869676061585207727832857325022", "174612203171927633065365801275170586448", "292923991816569100510079934606821506517", "158005627675316763193851255009324688518", "2170466297479043063902941526478300293", "192562611858224967459084047482005710019", "280481355428590663848953641031514127646", "285551352630450113087137671684709298658", "114632676083170822125037772044626365341", "43080671515785902147410737608079762649", "19652907861148905444612215512720933904"], "threshold":0.9}, "id":"PUB-A-186530496-57c786db", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43", "target":{"file":"src/com/android/phone/PhoneInterfaceManager.java"}}, {"deprecated":false, "digest":{"function_hash":"273138848724124075185872135289100300012", "length":701}, "id":"PUB-A-186530496-625c176d", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43", "target":{"file":"src/com/android/phone/PhoneInterfaceManager.java", "function":"getNetworkTypeForSubscriber"}}, {"deprecated":false, "digest":{"function_hash":"312476358945094468677151859287858849766", "length":392}, "id":"PUB-A-186530496-901f501d", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43", "target":{"file":"src/com/android/phone/PhoneInterfaceManager.java", "function":"getDeviceIdWithFeature"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/services/Telephony/+/13d8915ee461fd7d766d09d277fcc9f06a9f4f43"}]}