{"id":"ASB-A-173421434","details":"In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-173421434","CVE-2021-0428"],"modified":"2026-04-21T15:25:42.831358Z","published":"2021-09-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-09-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/1c1bc30ce345f770de44b4348420e860d0958534"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/5aba70130d3539fc77cfdfb4b550d8e86acd8a60"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/a13fc7f314ac56e75eca09c94db8090f928023ff"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/640387d310ce6fdfa71f606744eb903bedba57ce"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/7dfee2e7c3f762d069b8c606f8591498f109ff3e"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/f587f04d306f2faa9e102d9e2de87a403a48638e"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/ContactsProvider/+/129cc56868dfc198de41909ff9d6c542a84a4c21"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-09-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","target":{"file":"telephony/java/android/telephony/SubscriptionInfo.java"},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/a13fc7f314ac56e75eca09c94db8090f928023ff","digest":{"threshold":0.9,"line_hashes":["279891211905248705000188750057662442874","100251516085861831059546898052103060700","10657935485380477635054957026563389601","325564871196705452930030679078772031035","142725465768313781420799644565204446905","244113471113369384426378111550902593284","295454372251728279950152373203569687289","50232096202857179049884937724085430335","32489657364804635552629863396098654524","154488838053866465501963706431423535298","33640964512298271504754649044654048332","332028568397215828142796330354839730014"]},"deprecated":false,"id":"ASB-A-173421434-5d6f198f"}],"types":["ID"],"severity":"High","spl":"2021-09-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/5aba70130d3539fc77cfdfb4b550d8e86acd8a60","https://android.googlesource.com/platform/frameworks/base/+/1c1bc30ce345f770de44b4348420e860d0958534","https://android.googlesource.com/platform/frameworks/base/+/a13fc7f314ac56e75eca09c94db8090f928023ff"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-173421434.json"}},{"package":{"name":"platform/frameworks/opt/telephony","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-09-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","target":{"file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173","digest":{"threshold":0.9,"line_hashes":["73271320479689853384020250808514898536","175787085652733294794043095659085123698","67982921254483870507642281109402768204","315568438870669136591369092324040736513","248199077134062676251498125742683059126","218148968020054942308553548099221169822","165739547165381776752209104974691322062","300662938926454843267847812611081103773","246889847219043522624183391919145578152","137510143084916363362680958018806561563","16835035947434875406831018487916772589","274303705999419766595372770870333918665","228650038250189149717389391226035411539","203875218875667817585528210620992169685","143538902479667268199642620701316923975","37834714910165965342489292506547138259","204403033463547674522094165065068657383","16950011880908463429075036878240796867","41777599622806452903422585703796554082","249874091143085082948636995037363009283","98478380025337807038134164640197847867","103967969692119938010360621919557267358","128098064016103406587689090904910706358","253293339938871538364059937050665039785","94996945124155868386950122897626763687","67837049382483700744729932776370363659","300393795810134724540572914185150203620","86375971926365400961037929333542529990","248199077134062676251498125742683059126","218148968020054942308553548099221169822","165739547165381776752209104974691322062","300662938926454843267847812611081103773","246889847219043522624183391919145578152","164849385314085923633845786035148191814","117763355247094591913180398591635496460","334196501212923171745132508872048115493","11833935888448519728719357971431914941","97946602838355177235543272333411795481","274983647912101315245217825986212407218","239209062339167307774644764823534030294","37834714910165965342489292506547138259","10975772097726458264512771145019100068","180253413135416209496609527867358259607","124651528491726343931596846559743898022","325873334375708185265565019531932008757","248368852189985331554463250368386946458","26066588096344914085947085966428084522","73131983218123357155151052743217513711","200909306953394193782702618957114166228","211200362000307231920759527080166068531","36413841089977536595491773018229861131","24328648988827950222839968996649701698","253293339938871538364059937050665039785","94996945124155868386950122897626763687","67837049382483700744729932776370363659","221098333954084600835782838181252955025","55333656169581628743730232640161612259","331290153949591651623036447596595178406","197116699074963706275357406545985272341","180691082372324568819711879137138673361","236205834711826370679520291836532827469","28203633654915582289553145665529874311","113046850701511380578177405189928177916","334501601190860754277091993463373154358","327351520236771581893306224682751669520","312552819336735905078294581706309919698","151513512856374956721770194181695875415","21427506597643827257553841599628650087","175001954157719550656499020746921043125","167279740871829938036416925979600203146","70011128062482938836116569504971252633"]},"deprecated":false,"id":"ASB-A-173421434-0a7b89c9"},{"signature_version":"v1","target":{"function":"onSubscriptionsChanged","file":"src/java/com/android/internal/telephony/MultiSimSettingController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/f587f04d306f2faa9e102d9e2de87a403a48638e","digest":{"length":147,"function_hash":"126643220583821949590310279423045567193"},"deprecated":false,"id":"ASB-A-173421434-0a9f62fe"},{"signature_version":"v1","target":{"function":"getSubscriptionInfoListFromCacheHelper","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff","digest":{"length":892,"function_hash":"309731795387608772756580169004621906271"},"deprecated":false,"id":"ASB-A-173421434-182b1c52"},{"signature_version":"v1","target":{"function":"onAllSubscriptionsLoaded","file":"src/java/com/android/internal/telephony/MultiSimSettingController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/f587f04d306f2faa9e102d9e2de87a403a48638e","digest":{"length":139,"function_hash":"190479599179302551772659796314580291167"},"deprecated":false,"id":"ASB-A-173421434-1a831322"},{"signature_version":"v1","target":{"function":"refreshCachedOpportunisticSubscriptionInfoList","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff","digest":{"length":980,"function_hash":"295542230449820321700987337457344736675"},"deprecated":false,"id":"ASB-A-173421434-1a936166"},{"signature_version":"v1","target":{"function":"refreshCachedActiveSubscriptionInfoList","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff","digest":{"length":1005,"function_hash":"52716821551309549174055644195890135908"},"deprecated":false,"id":"ASB-A-173421434-2fd1ac80"},{"signature_version":"v1","target":{"function":"conditionallyRemoveIdentifiers","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/640387d310ce6fdfa71f606744eb903bedba57ce","digest":{"length":228,"function_hash":"115111502823109378455000834551849468490"},"deprecated":false,"id":"ASB-A-173421434-3abbb0b3"},{"signature_version":"v1","target":{"file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff","digest":{"threshold":0.9,"line_hashes":["332207181272535266765054703888140350086","204616039021468111799581771418639482743","18494499343717385598631220991929195543","48357414873069698865384848190726312470","165257245421950194433281463476462408600","334547528246382158881014142630734941704","251816249981324229546334957472799376561","301500707940331872715878760919396858377","245131399701842030958101636739256720129","89577110774155736140891374342908278658","240553803243606666702031523030296778269","281864973538878578587995349986393143616","14047431468686558572265725325717805371","126971868211183223365784180784971214224","113598235983893129004938512363760911147","289181913746767822105911751189654809610","70476983084688695158339000851207211969","4335509256039612010068177770490591704","328423812484863549378992457440787977831","131430076114900908778330596346323458048","220121008952662251713513697582756213732","108587633537507210242609878158511307392","223301227139763297513577257228494276951","204616039021468111799581771418639482743","61895094682757125977270297329867943688","108524702858012074876981192010474428107","178251931898223871901296544838140751839","319308783313375693820838256487098717939","122400061465333209057977201008905581832","97565774358790140327795322877415659015","181951518584040096468462104511112146179","198631130592849971795237661491979401233","301063557735120950250074690916372947337","68787212017993703930521363247194311370","219057870342307217396378060247155851989","26296955719322993442857432079228183014","198280210753322231701385649049526261340","11976588153085162037590796673558897175","201149293675270705267390093979970538339","143311611871853946761803421136847292857","272337603234917968950985219293028106756","215188371355222747436257533936866207742","198590809961733720013383837394543480094","213801815103618585583716380376337753885","39927146165340248215025000694119613841","133916474999912376850595442652032532002","328241345341451062107330657320754916241","3502441696699683772051182957527934487","105875448958741139790105984877214863122","262094944130003232371313913761872523680","227047001510843328179866015920656547090","325507781138640812942393636107286501111","152073960806558844135137575645662574469","105200199484982371688746584367954863585","332421127601400676815948225774400433030","50155104764168218737472079076866576198","160696242279341343390429258663333393865","248238605614299783183629142541777986904","156630781654088528196023203669619481420","103540965704654865664095800082845282773","196355641388764804194497361776958016464","164795235692720536352404592246169558712","239964523583061207204583822402527883865"]},"deprecated":false,"id":"ASB-A-173421434-9151d70c"},{"signature_version":"v1","target":{"file":"src/java/com/android/internal/telephony/MultiSimSettingController.java"},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/f587f04d306f2faa9e102d9e2de87a403a48638e","digest":{"threshold":0.9,"line_hashes":["321090431127340004990671278192074797963","46225779129580699927749136639950002012","60019122233057231394463674412463453797","216631224128738116404641397217260597847","294710520453535791353510840633526235339","264168491459372532987784367660727173796","214874892743754442154171900363694655676","699414931290159516128303284382318106","160803317814406586736429625279033200529","225161148072616918182033693359322495986","187364324057142489227597349839182918656","149583713709563962048565424340452335257","118313151484137727736198654439618093957","245761290185636267608743517699104515751","225289580136915222065860615950796129422","155875229024061619331458113260141407498","157910019293770333103487168397563302097","107204163690473226264824837225166107372","312955214957783794918648735006294819222"]},"deprecated":false,"id":"ASB-A-173421434-918bcdbb"},{"signature_version":"v1","target":{"function":"getSubscriptionsInGroup","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173","digest":{"length":640,"function_hash":"55254967924537371728098459033840448912"},"deprecated":false,"id":"ASB-A-173421434-a1878697"},{"signature_version":"v1","target":{"function":"getActiveSubscriptionInfo","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173","digest":{"length":630,"function_hash":"191343706809052747583263701389269632885"},"deprecated":false,"id":"ASB-A-173421434-acc471de"},{"signature_version":"v1","target":{"function":"getSubscriptionInfoListFromCacheHelper","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173","digest":{"length":682,"function_hash":"93525269666656978262328563222757040009"},"deprecated":false,"id":"ASB-A-173421434-c8e36ecd"},{"signature_version":"v1","target":{"function":"getActiveSubscriptionInfoForSimSlotIndex","file":"src/java/com/android/internal/telephony/SubscriptionController.java"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173","digest":{"length":959,"function_hash":"41681991742516796743634072472263864210"},"deprecated":false,"id":"ASB-A-173421434-d38c07ba"}],"types":["ID"],"severity":"High","spl":"2021-09-01","fixes":["https://android.googlesource.com/platform/frameworks/opt/telephony/+/93d5117cf5f528ec7ed74b4fe2df7ae7e2d207ff","https://android.googlesource.com/platform/frameworks/opt/telephony/+/f587f04d306f2faa9e102d9e2de87a403a48638e","https://android.googlesource.com/platform/frameworks/opt/telephony/+/640387d310ce6fdfa71f606744eb903bedba57ce","https://android.googlesource.com/platform/frameworks/opt/telephony/+/7dfee2e7c3f762d069b8c606f8591498f109ff3e","https://android.googlesource.com/platform/frameworks/opt/telephony/+/9c392805dc4c5d5c9a95a5dec9c7f65130cd8173"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-173421434.json"}},{"package":{"name":"platform/packages/providers/ContactsProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-09-01"}]}],"versions":["10"],"ecosystem_specific":{"types":["ID"],"severity":"High","spl":"2021-09-01","fixes":["https://android.googlesource.com/platform/packages/providers/ContactsProvider/+/129cc56868dfc198de41909ff9d6c542a84a4c21"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-173421434.json"}}],"schema_version":"1.7.5"}