{"id":"ASB-A-257030107","details":"In getNumberFromCallIntent of NewOutgoingCallIntentBroadcaster.java, there is a possible way to enumerate other user's contact phone number due to a confused deputy. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-257030107","CVE-2023-21082"],"modified":"2026-05-27T15:53:17.428190120Z","published":"2023-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/services/Telecomm/+/e96d20e5244346179f49a88fea8ab5e0929444e5"}],"affected":[{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-04-01"}]}],"versions":["13-next"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"signature_type":"Function","id":"ASB-A-257030107-4ffd9e2e","digest":{"length":441,"function_hash":"25650367202118149377194985008445113167"},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java","function":"getNumberFromCallIntent"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-257030107-cfe5498b","digest":{"line_hashes":["327619331133315666563816080453806279531","32318420182758874816211085765289972831","110281608545597591164431212138094532539","205695334337411931340614792260803245969","337691025631713075387907201661943463651"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"},"signature_version":"v1","deprecated":false}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/8e68d38e7c19316616be56a32d529e304ca5f964"],"spl":"2023-04-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-257030107.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-04-01"}]}],"versions":["11"],"ecosystem_specific":{"types":["ID"],"spl":"2023-04-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-257030107-25fd71ec","digest":{"line_hashes":["327619331133315666563816080453806279531","32318420182758874816211085765289972831","110281608545597591164431212138094532539","205695334337411931340614792260803245969","337691025631713075387907201661943463651"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"},"signature_version":"v1","deprecated":false},{"signature_type":"Function","id":"ASB-A-257030107-e3a85c8c","digest":{"function_hash":"25650367202118149377194985008445113167","length":441},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java","function":"getNumberFromCallIntent"},"signature_version":"v1","deprecated":false}],"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/9636518478fb887dd1834c0433eb3a71eb72faaf"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-257030107.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-04-01"}]}],"versions":["12"],"ecosystem_specific":{"spl":"2023-04-01","vanir_signatures":[{"signature_type":"Function","id":"ASB-A-257030107-425f4601","digest":{"length":441,"function_hash":"25650367202118149377194985008445113167"},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java","function":"getNumberFromCallIntent"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-257030107-5fc5ac0c","digest":{"line_hashes":["327619331133315666563816080453806279531","32318420182758874816211085765289972831","110281608545597591164431212138094532539","205695334337411931340614792260803245969","337691025631713075387907201661943463651"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"},"signature_version":"v1","deprecated":false}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/298e4ced68ac9a4b32ac4b0d2c872f0458033038"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-257030107.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-04-01"}]}],"versions":["12L"],"ecosystem_specific":{"types":["ID"],"spl":"2023-04-01","vanir_signatures":[{"signature_type":"Line","id":"ASB-A-257030107-4959307f","digest":{"line_hashes":["327619331133315666563816080453806279531","32318420182758874816211085765289972831","110281608545597591164431212138094532539","205695334337411931340614792260803245969","337691025631713075387907201661943463651"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"},"signature_version":"v1","deprecated":false},{"signature_version":"v1","signature_type":"Function","digest":{"length":441,"function_hash":"25650367202118149377194985008445113167"},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java","function":"getNumberFromCallIntent"},"id":"ASB-A-257030107-cd06d5b9","deprecated":false}],"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/7bd3707b732d30be513cd98a91d4fb6857f3fba0"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-257030107.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-04-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"signature_type":"Function","id":"ASB-A-257030107-20a54918","digest":{"length":441,"function_hash":"25650367202118149377194985008445113167"},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java","function":"getNumberFromCallIntent"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-257030107-311e5964","digest":{"line_hashes":["327619331133315666563816080453806279531","32318420182758874816211085765289972831","110281608545597591164431212138094532539","205695334337411931340614792260803245969","337691025631713075387907201661943463651"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1","target":{"file":"src/com/android/server/telecom/NewOutgoingCallIntentBroadcaster.java"},"signature_version":"v1","deprecated":false}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/12073ab45493ad1018ee55334733cfa41e5df4f1"],"spl":"2023-04-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-257030107.json"}}],"schema_version":"1.7.5"}