ASB-A-188554048

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-188554048.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-188554048
Aliases
Published
2021-09-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In the SELinux policy configured in systemapp.te, there is a possible way for systemapp to gain code execution in other processes due to an overly-permissive SELinux policy. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/system/sepolicy

Package

Name
platform/system/sepolicy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-09-01

Affected versions

Other
11

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/system/sepolicy/+/16b7d5d829bf2c457e230ccb328c69f33e6e031b"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2021-09-01",
    "severity": "Moderate"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-188554048.json"