{"id":"PUB-A-242845514", "published":"2022-12-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2022-20550", "A-242845514"], "details":"In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2022-12-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70"], "severity":"Moderate", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["142275142473583811656257925932801215932", "80607861949381175184438557088515049005", "28754939496718491312327854094553077963", "161741354498231441500213550542794601380", "31810291832700185900069539269853300952", "76201736618210912462135528215241407154", "13572015017283725455848689928188277669", "123200632612740350257613156920026447093", "99189086500324707981847462972527388857", "238865122492803814029196695279813184174", "135188360535559844316574743883758800389", "28496705184192827839311415886852564114", "130169205191785451277261575911863144490", "12884332751236020770911350680320607449", "27175867381462649513143951036261802049", "85940367650815511313909572387718700761", "330677813483266743538214358220343613206", "123797315748070501987140919842285346625", "56771758489640633155088313326080049367"], "threshold":0.9}, "id":"PUB-A-242845514-16f5859a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70", "target":{"file":"core/java/android/service/dreams/DreamService.java"}}, {"deprecated":false, "digest":{"function_hash":"42220059353017145088428329988357325663", "length":572}, "id":"PUB-A-242845514-b8a29ebb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70", "target":{"file":"core/java/android/service/dreams/DreamService.java", "function":"getDreamMetadata"}}, {"deprecated":false, "digest":{"function_hash":"95995390880890190389146015024656609599", "length":212}, "id":"PUB-A-242845514-edef98e7", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70", "target":{"file":"core/java/android/service/dreams/DreamService.java", "function":"convertToComponentName"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70"}]}