{"id":"ASB-A-246540168","details":"In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-246540168","CVE-2022-20500"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2022-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-12-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/d5122bfaf18f1503e73c1a3a177a56d0f604a008"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-12-01"}]}],"versions":["10"],"ecosystem_specific":{"types":["DoS"],"severity":"High","vanir_signatures":[{"signature_type":"Function","digest":{"function_hash":"303307791426374916355773548631408145706","length":1163},"source":"https://android.googlesource.com/platform/frameworks/base/+/9b0dd514d29bbf986f1d1a3c6cebc2ef2bcf782e","signature_version":"v1","id":"ASB-A-246540168-b21ebe2c","target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java","function":"loadFromXml"},"deprecated":false},{"id":"ASB-A-246540168-c87b34dc","digest":{"line_hashes":["34419333322541914813054904699286127292","12464633297697607084927863006138098181","178337061343133787076664750874546771501","119490588587155382841851979906465608031","219571269220090821969910062474873505339","48533088707302787240171646085345067499"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/9b0dd514d29bbf986f1d1a3c6cebc2ef2bcf782e","signature_version":"v1","target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java"},"signature_type":"Line","deprecated":false}],"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/9b0dd514d29bbf986f1d1a3c6cebc2ef2bcf782e"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246540168.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2022-12-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"High","types":["DoS"],"vanir_signatures":[{"digest":{"function_hash":"303307791426374916355773548631408145706","length":1163},"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java","function":"loadFromXml"},"source":"https://android.googlesource.com/platform/frameworks/base/+/a8fe41afb0a89979386ffd17213eb7b5f1c3739d","signature_version":"v1","signature_type":"Function","id":"ASB-A-246540168-70845aa7","deprecated":false},{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/a8fe41afb0a89979386ffd17213eb7b5f1c3739d","digest":{"line_hashes":["34419333322541914813054904699286127292","12464633297697607084927863006138098181","178337061343133787076664750874546771501","119490588587155382841851979906465608031","219571269220090821969910062474873505339","48533088707302787240171646085345067499"],"threshold":0.9},"signature_type":"Line","id":"ASB-A-246540168-88518ba1","deprecated":false}],"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/a8fe41afb0a89979386ffd17213eb7b5f1c3739d"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246540168.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-12-01"}]}],"versions":["12"],"ecosystem_specific":{"types":["DoS"],"severity":"High","vanir_signatures":[{"signature_version":"v1","signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82","digest":{"function_hash":"234566476942551792555054834701921045702","length":1305},"id":"ASB-A-246540168-241602ba","target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java","function":"loadFromXml"},"deprecated":false},{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82","digest":{"line_hashes":["34419333322541914813054904699286127292","12464633297697607084927863006138098181","178337061343133787076664750874546771501","119490588587155382841851979906465608031","219571269220090821969910062474873505339","48533088707302787240171646085345067499"],"threshold":0.9},"signature_type":"Line","id":"ASB-A-246540168-79431f6c","deprecated":false}],"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246540168.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-12-01"}]}],"versions":["12L"],"ecosystem_specific":{"types":["DoS"],"severity":"High","vanir_signatures":[{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java","function":"loadFromXml"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82","digest":{"function_hash":"234566476942551792555054834701921045702","length":1305},"signature_type":"Function","id":"ASB-A-246540168-8f2ca78e","deprecated":false},{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82","digest":{"line_hashes":["34419333322541914813054904699286127292","12464633297697607084927863006138098181","178337061343133787076664750874546771501","119490588587155382841851979906465608031","219571269220090821969910062474873505339","48533088707302787240171646085345067499"],"threshold":0.9},"signature_type":"Line","id":"ASB-A-246540168-b2d6378c","deprecated":false}],"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/36338a315218221e51c24a42e44c4f743d416f82"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246540168.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2022-12-01"}]}],"versions":["13"],"ecosystem_specific":{"types":["DoS"],"severity":"High","vanir_signatures":[{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/5238a70be8c3348f9592de5e625f6311e4d51032","digest":{"line_hashes":["34419333322541914813054904699286127292","12464633297697607084927863006138098181","178337061343133787076664750874546771501","119490588587155382841851979906465608031","219571269220090821969910062474873505339","48533088707302787240171646085345067499"],"threshold":0.9},"signature_type":"Line","id":"ASB-A-246540168-6b98b4b5","deprecated":false},{"target":{"file":"services/core/java/com/android/server/pm/ShortcutPackage.java","function":"loadFromXml"},"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/base/+/5238a70be8c3348f9592de5e625f6311e4d51032","digest":{"function_hash":"63506753563844308566678897586287669685","length":1351},"signature_type":"Function","id":"ASB-A-246540168-73182cb7","deprecated":false}],"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/5238a70be8c3348f9592de5e625f6311e4d51032"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246540168.json"}}],"schema_version":"1.7.5"}