{"id":"ASB-A-246301979","details":"In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-246301979","CVE-2022-20497"],"modified":"2026-05-29T15:55:33.750044621Z","published":"2022-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-12-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/0a8f3dd2a8f47fee05a7cd499b42117bbae9a656"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-12-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"function_hash":"190588418345551663355609765547692379538","length":538},"id":"ASB-A-246301979-6998adc7","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"function":"onFinishedWakingUp","file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"},"signature_version":"v1","deprecated":false,"signature_type":"Function"},{"digest":{"threshold":0.9,"line_hashes":["70977099148725676643647344963098177975","87601262829086973039946857110525689631","75229539166028879170821491842669397854"]},"id":"ASB-A-246301979-8d5ad13f","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"threshold":0.9,"line_hashes":["189019318573364597729775322045545370920","259939595903421309363087070372861885779","138848741958075048862797082257222276444","51141288845929682830478177053491776503"]},"id":"ASB-A-246301979-a90dbde1","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b"],"spl":"2022-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246301979.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-12-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["70977099148725676643647344963098177975","87601262829086973039946857110525689631","75229539166028879170821491842669397854"]},"id":"ASB-A-246301979-ce0270ec","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"threshold":0.9,"line_hashes":["189019318573364597729775322045545370920","259939595903421309363087070372861885779","138848741958075048862797082257222276444","51141288845929682830478177053491776503"]},"id":"ASB-A-246301979-d43ba20f","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"function_hash":"190588418345551663355609765547692379538","length":538},"id":"ASB-A-246301979-f95647a2","source":"https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b","target":{"function":"onFinishedWakingUp","file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/StatusBar.java"},"signature_version":"v1","deprecated":false,"signature_type":"Function"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/9d20909eaed9a8eae2ee73827bc15b1353e2dd8b"],"spl":"2022-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246301979.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2022-12-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"function_hash":"3257698937743569462312817818861464109","length":489},"id":"ASB-A-246301979-398d8c89","source":"https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b","target":{"function":"onFinishedWakingUp","file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/CentralSurfacesImpl.java"},"signature_version":"v1","deprecated":false,"signature_type":"Function"},{"signature_type":"Line","id":"ASB-A-246301979-8da12421","source":"https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java"},"signature_version":"v1","deprecated":true,"digest":{"threshold":0.9,"line_hashes":["98317385964836131882163772788634368997","67278402601670486467211230165609993486","215244966485946350205066817988521522727","311919143622420956565248882532809556421","174231740453555715249936759787492739996","118152048707043496487424110566791159151","216623025662135250270535399797555570705"]}},{"digest":{"threshold":0.9,"line_hashes":["301014903525879260202893730219960317250","87601262829086973039946857110525689631","75229539166028879170821491842669397854"]},"id":"ASB-A-246301979-baae5d8a","source":"https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/notification/stack/NotificationStackScrollLayoutController.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"threshold":0.9,"line_hashes":["51914021411191037143158952518150035281","299157340109141744649597792175238208421","11675338619483250530617358545678883365","51141288845929682830478177053491776503"]},"id":"ASB-A-246301979-c29e0c66","source":"https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b","target":{"file":"packages/SystemUI/src/com/android/systemui/statusbar/phone/CentralSurfacesImpl.java"},"signature_version":"v1","deprecated":false,"signature_type":"Line"},{"digest":{"function_hash":"262455860185120603881231326193312185329","length":770},"id":"ASB-A-246301979-da54a1fe","source":"https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b","target":{"function":"updatePublicMode","file":"packages/SystemUI/src/com/android/systemui/statusbar/NotificationLockscreenUserManagerImpl.java"},"signature_version":"v1","deprecated":true,"signature_type":"Function"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/09d333e09cf0ef418c0bd32581d94aa01ade4d9b"],"spl":"2022-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246301979.json"}}],"schema_version":"1.7.5"}