{"id":"ASB-A-172251622","details":"In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-172251622","CVE-2021-0933"],"modified":"2026-05-19T16:54:37.272608834Z","published":"2021-11-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-11-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/cb890336d6a8056cc46ed01a908ad8f70e3880b6"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-11-01"}]}],"versions":["9"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/95ff59db3b99829cc49afeaeb616004394e09b28","digest":{"line_hashes":["15007584258962113430238643271844942838","268929668076363750710230938820811918019","270919273981368709789145379540826740369","62573571685483560693118806989271124909","180466187773196755408170613112714465121","244178590229068957271771525278904392344","16748497727355092575000917856148252958","239814989109557175029939124897325434968","324468451588654408241603963428655051056"],"threshold":0.9},"id":"ASB-A-172251622-89ccb7bc","signature_type":"Line","target":{"file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}},{"deprecated":false,"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/95ff59db3b99829cc49afeaeb616004394e09b28","digest":{"function_hash":"124790208354687498638778387713897535632","length":1511},"id":"ASB-A-172251622-baf2f405","signature_type":"Function","target":{"function":"onCreate","file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}}],"spl":"2021-11-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/95ff59db3b99829cc49afeaeb616004394e09b28"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-172251622.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-11-01"}]}],"versions":["10"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"deprecated":false,"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/55f71f96c354bd03fdce470a6de51dda5981d8f0","digest":{"function_hash":"245158958023821044267529804617422432038","length":1510},"id":"ASB-A-172251622-374346bd","signature_type":"Function","target":{"function":"onCreate","file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}},{"source":"https://android.googlesource.com/platform/frameworks/base/+/55f71f96c354bd03fdce470a6de51dda5981d8f0","signature_version":"v1","digest":{"line_hashes":["15007584258962113430238643271844942838","268929668076363750710230938820811918019","270919273981368709789145379540826740369","62573571685483560693118806989271124909","180466187773196755408170613112714465121","244178590229068957271771525278904392344","16748497727355092575000917856148252958","239814989109557175029939124897325434968","324468451588654408241603963428655051056"],"threshold":0.9},"deprecated":false,"id":"ASB-A-172251622-d256fe52","signature_type":"Line","target":{"file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}}],"types":["EoP"],"spl":"2021-11-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/55f71f96c354bd03fdce470a6de51dda5981d8f0"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-172251622.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-11-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["15007584258962113430238643271844942838","268929668076363750710230938820811918019","270919273981368709789145379540826740369","62573571685483560693118806989271124909","180466187773196755408170613112714465121","244178590229068957271771525278904392344","16748497727355092575000917856148252958","239814989109557175029939124897325434968","324468451588654408241603963428655051056"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/7f687d49115016a992f86c4167222804348dc2d5","id":"ASB-A-172251622-a378ec80","signature_type":"Line","target":{"file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}},{"signature_version":"v1","deprecated":false,"digest":{"function_hash":"245158958023821044267529804617422432038","length":1510},"source":"https://android.googlesource.com/platform/frameworks/base/+/7f687d49115016a992f86c4167222804348dc2d5","id":"ASB-A-172251622-d6072fbc","signature_type":"Function","target":{"function":"onCreate","file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/DeviceChooserActivity.java"}}],"spl":"2021-11-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/7f687d49115016a992f86c4167222804348dc2d5"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-172251622.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2021-11-01"}]}],"versions":["12"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"source":"https://android.googlesource.com/platform/frameworks/base/+/8f005ffe4aa380552fb9f739d1b08c6f63f24fef","signature_version":"v1","digest":{"line_hashes":["15007584258962113430238643271844942838","277425146067672945422982588129802923284","88537808488951257726446070723945019662","259806394902339584550057316932975932792","17768460369233093139400899191166465855","180466187773196755408170613112714465121","250285989159223523672889895223113863759","94100475546088591881011667003014058684","295288541871458566411442276560197379108","25945880201647518844431205293399082015","38847922995355888162166079732081737317"],"threshold":0.9},"deprecated":false,"id":"ASB-A-172251622-38711027","signature_type":"Line","target":{"file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java"}},{"signature_version":"v1","deprecated":false,"digest":{"function_hash":"20090364510770890078758264123460064103","length":2377},"source":"https://android.googlesource.com/platform/frameworks/base/+/8f005ffe4aa380552fb9f739d1b08c6f63f24fef","id":"ASB-A-172251622-9c1df756","signature_type":"Function","target":{"function":"onCreate","file":"packages/CompanionDeviceManager/src/com/android/companiondevicemanager/CompanionDeviceActivity.java"}}],"types":["EoP"],"spl":"2021-11-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/8f005ffe4aa380552fb9f739d1b08c6f63f24fef"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-172251622.json"}}],"schema_version":"1.7.5"}