{"id":"ASB-A-185126549","details":"In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-185126549","CVE-2021-39627"],"modified":"2026-04-20T15:37:26.169566Z","published":"2022-01-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-01-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/apps/Dialer/+/9c452d9f25d8fb41fd3ec627293a2481fde778d4"}],"affected":[{"package":{"name":"platform/packages/apps/Dialer","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2022-01-01"}]}],"versions":["9"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-01-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-185126549-2f5d2b96","target":{"file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["106680201593422794262120843882354478791","326774004061573496066568127664103587028","295395256957196504913463328355904672893","149183730702223882063009548301812832852","111530533399569871322797409736703837069","164450686893749293223111827008859727071","72195964722680638204432878196194950937","172334718998239283189666931642852725078"]},"deprecated":false},{"signature_type":"Function","id":"ASB-A-185126549-c19e1d43","target":{"function":"sendLegacyVoicemailNotification","file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"function_hash":"242911685893440700542492214997579498592","length":1385},"deprecated":false}],"severity":"High","fixes":["https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-185126549.json"}},{"package":{"name":"platform/packages/apps/Dialer","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-01-01"}]}],"versions":["10"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-01-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-185126549-47c021ac","target":{"file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["106680201593422794262120843882354478791","326774004061573496066568127664103587028","295395256957196504913463328355904672893","149183730702223882063009548301812832852","111530533399569871322797409736703837069","164450686893749293223111827008859727071","72195964722680638204432878196194950937","172334718998239283189666931642852725078"]},"deprecated":false},{"signature_type":"Function","id":"ASB-A-185126549-6c87a72c","target":{"function":"sendLegacyVoicemailNotification","file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"function_hash":"242911685893440700542492214997579498592","length":1385},"deprecated":false}],"severity":"High","fixes":["https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-185126549.json"}},{"package":{"name":"platform/packages/apps/Dialer","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2022-01-01"}]}],"versions":["11"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-01-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-185126549-c7359f3d","target":{"file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["106680201593422794262120843882354478791","326774004061573496066568127664103587028","295395256957196504913463328355904672893","149183730702223882063009548301812832852","111530533399569871322797409736703837069","164450686893749293223111827008859727071","72195964722680638204432878196194950937","172334718998239283189666931642852725078"]},"deprecated":false},{"signature_type":"Function","id":"ASB-A-185126549-f4f18912","target":{"function":"sendLegacyVoicemailNotification","file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"function_hash":"242911685893440700542492214997579498592","length":1385},"deprecated":false}],"severity":"High","fixes":["https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-185126549.json"}},{"package":{"name":"platform/packages/apps/Dialer","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-01-01"}]}],"versions":["12"],"ecosystem_specific":{"types":["EoP"],"spl":"2022-01-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-185126549-7d5c7dd5","target":{"file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["106680201593422794262120843882354478791","326774004061573496066568127664103587028","295395256957196504913463328355904672893","149183730702223882063009548301812832852","111530533399569871322797409736703837069","164450686893749293223111827008859727071","72195964722680638204432878196194950937","172334718998239283189666931642852725078"]},"deprecated":false},{"signature_type":"Function","id":"ASB-A-185126549-fc45b3ca","target":{"function":"sendLegacyVoicemailNotification","file":"java/com/android/voicemail/impl/sms/LegacyModeSmsHandler.java"},"source":"https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b","signature_version":"v1","digest":{"function_hash":"242911685893440700542492214997579498592","length":1385},"deprecated":false}],"severity":"High","fixes":["https://android.googlesource.com/platform/packages/apps/Dialer/+/bdd6d1ea00f94296c251f4340a52a2035167370b"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-185126549.json"}}],"schema_version":"1.7.5"}