{"id":"ASB-A-206090748","details":"In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-206090748","CVE-2021-39689"],"modified":"2026-04-03T15:37:31.002635Z","published":"2022-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/security/+/9a374680df1912fb983bf174d88ddeb71932cec1"}],"affected":[{"package":{"name":"platform/system/security","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-03-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"target":{"function":"main","file":"ondevice-signing/odsign_main.cpp"},"digest":{"function_hash":"115174242607445837283827550791433440053","length":3127},"signature_type":"Function","source":"https://android.googlesource.com/platform/system/security/+/9a374680df1912fb983bf174d88ddeb71932cec1","signature_version":"v1","id":"ASB-A-206090748-1e752266","deprecated":false},{"target":{"file":"ondevice-signing/odsign_main.cpp"},"digest":{"threshold":0.9,"line_hashes":["155002132074404346642667567063298957642","297260879976898572002085567125824570400","188117423437172400110849304914488873278","157142425212623079288036371350014858728","204697804969151301657652142831750749263","246063165005463238593878401576263943808","46466359620560727117279535738104699931","141059372346926048512427331198909030998","2730617571386842996949351571057359371","231174964654211160397274464679379716942","79564985896302873437179230076078962713","66258345296755914229722793912710658752","119779208966118517802654399430476717338","77624105651785219220920525729304708538","251820337726636477205310617262680283716","4251731988487157458031956612984751316","272146446085519213110283545910970836919","326391328849996974035268250804048831285","302112193165383670968896532470765648117","193934157389329987789925357200475432871","27788796301632880293569162245196199580","93910542072745963730906210286960621174","143651183351945654395008936788862968309","153565588807519245516641321357548138267","181518540221266179414657618596067690955","79190526905929199974984233414112142614","226990917230412597926031777425518894451","192038301750522978732304252332380591310","73712142896677038537369976998197256465","55819269734436224158671719536097316376","178908855247042236448030067729071985011","291864525956619739958175182635457124986","159187200350724936694553768699727121852","2840041652715579188324822575814674158","25265074336690209759976022906363770937","135838650960097277714843292576097054593","28467515644553834983081233901945956675","213516555238620568387563257684182639544","182105187982994865056634254009835838869","238646132370444170511494890340449228166","309208033224288258558599515700297799420","122663547908006295962942936874099607553","104194636075107744279129509670243687737"]},"signature_type":"Line","source":"https://android.googlesource.com/platform/system/security/+/9a374680df1912fb983bf174d88ddeb71932cec1","signature_version":"v1","id":"ASB-A-206090748-c9c7a03e","deprecated":false},{"target":{"function":"verifyArtifacts","file":"ondevice-signing/odsign_main.cpp"},"digest":{"function_hash":"284493981387205415012846669277598690417","length":539},"signature_type":"Function","source":"https://android.googlesource.com/platform/system/security/+/9a374680df1912fb983bf174d88ddeb71932cec1","signature_version":"v1","id":"ASB-A-206090748-edf45161","deprecated":false}],"types":["EoP"],"severity":"Moderate","spl":"2022-03-01","fixes":["https://android.googlesource.com/platform/system/security/+/9a374680df1912fb983bf174d88ddeb71932cec1"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-206090748.json"}},{"package":{"name":"platform/system/security","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-03-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"target":{"file":"ondevice-signing/odsign_main.cpp"},"digest":{"threshold":0.9,"line_hashes":["155002132074404346642667567063298957642","297260879976898572002085567125824570400","188117423437172400110849304914488873278","157142425212623079288036371350014858728","204697804969151301657652142831750749263","246063165005463238593878401576263943808","46466359620560727117279535738104699931","141059372346926048512427331198909030998","2730617571386842996949351571057359371","231174964654211160397274464679379716942","79564985896302873437179230076078962713","66258345296755914229722793912710658752","119779208966118517802654399430476717338","77624105651785219220920525729304708538","251820337726636477205310617262680283716","4251731988487157458031956612984751316","272146446085519213110283545910970836919","326391328849996974035268250804048831285","302112193165383670968896532470765648117","193934157389329987789925357200475432871","27788796301632880293569162245196199580","93910542072745963730906210286960621174","143651183351945654395008936788862968309","153565588807519245516641321357548138267","181518540221266179414657618596067690955","79190526905929199974984233414112142614","226990917230412597926031777425518894451","192038301750522978732304252332380591310","73712142896677038537369976998197256465","55819269734436224158671719536097316376","178908855247042236448030067729071985011","291864525956619739958175182635457124986","159187200350724936694553768699727121852","2840041652715579188324822575814674158","25265074336690209759976022906363770937","135838650960097277714843292576097054593","28467515644553834983081233901945956675","213516555238620568387563257684182639544","182105187982994865056634254009835838869","238646132370444170511494890340449228166","309208033224288258558599515700297799420","122663547908006295962942936874099607553","104194636075107744279129509670243687737"]},"signature_type":"Line","source":"https://android.googlesource.com/platform/system/security/+/7bf6e0a053307a0918965da9be6560e77d6cfe59","signature_version":"v1","id":"ASB-A-206090748-7c0af659","deprecated":false},{"target":{"function":"verifyArtifacts","file":"ondevice-signing/odsign_main.cpp"},"digest":{"function_hash":"284493981387205415012846669277598690417","length":539},"signature_type":"Function","source":"https://android.googlesource.com/platform/system/security/+/7bf6e0a053307a0918965da9be6560e77d6cfe59","signature_version":"v1","id":"ASB-A-206090748-9edf6fd0","deprecated":false},{"target":{"function":"main","file":"ondevice-signing/odsign_main.cpp"},"digest":{"function_hash":"115174242607445837283827550791433440053","length":3127},"signature_type":"Function","source":"https://android.googlesource.com/platform/system/security/+/7bf6e0a053307a0918965da9be6560e77d6cfe59","signature_version":"v1","id":"ASB-A-206090748-cf64cc47","deprecated":false}],"types":["EoP"],"severity":"Moderate","spl":"2022-03-01","fixes":["https://android.googlesource.com/platform/system/security/+/7bf6e0a053307a0918965da9be6560e77d6cfe59"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-206090748.json"}}],"schema_version":"1.7.5"}