ASB-A-218495634
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-218495634.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-218495634
- Aliases
-
- CVE-2023-21267
- Published
- 2024-04-01T00:00:00Z
- Modified
- 2024-07-26T15:05:20Z
- Summary
- Lockdown vs. Screen pinning mode
- Details
-
In multiple functions of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2024-04-01
- https://android.googlesource.com/platform/frameworks/base/+/cecddcd865f72d76f7aacb1cf4479365847299f9
- https://android.googlesource.com/platform/frameworks/base/+/cb7e9c7549a2a076ec00db15e3da0d21b31b0b1c
- https://android.googlesource.com/platform/frameworks/base/+/e205cd30e91d8eeadf562140c34c306ebf7d6394
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/6962dbcd2eaf91552eb243aff0c0b95e567d27ca",
"https://android.googlesource.com/platform/frameworks/base/+/eaa129138096bc00b663bca93a5af9786aa47154",
"https://android.googlesource.com/platform/frameworks/base/+/5fba6ecb07c70dfc229a63249bf105c09ebea5b3",
"https://android.googlesource.com/platform/frameworks/base/+/d341f1ecdb011d24b17358f115391b3f997cb179"
],
"spl": "2024-04-01",
"types": [
"ID"
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b23c2d5fb6630ea0da503b937f62880594b13e94",
"https://android.googlesource.com/platform/frameworks/base/+/f57217125f2b124c16c463ef4507fb054cc1ba4f",
"https://android.googlesource.com/platform/frameworks/base/+/35a6e2f2c952440b1102033b2c3e496438503cff",
"https://android.googlesource.com/platform/frameworks/base/+/ce7ca2d9f405c94062504411c886eff93bd7ce15"
],
"spl": "2024-04-01",
"types": [
"ID"
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/100ae42365d7fc8ba7d241e8c9a7ef6aa0cdb961",
"https://android.googlesource.com/platform/frameworks/base/+/996896e672f28aa96a3d8158192de3cd4a105bc3",
"https://android.googlesource.com/platform/frameworks/base/+/faaf58d3b910c388b0a7c51dc370a7ae18e7cec2",
"https://android.googlesource.com/platform/frameworks/base/+/ce7ca2d9f405c94062504411c886eff93bd7ce15"
],
"spl": "2024-04-01",
"types": [
"ID"
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/100ae42365d7fc8ba7d241e8c9a7ef6aa0cdb961",
"https://android.googlesource.com/platform/frameworks/base/+/996896e672f28aa96a3d8158192de3cd4a105bc3",
"https://android.googlesource.com/platform/frameworks/base/+/faaf58d3b910c388b0a7c51dc370a7ae18e7cec2",
"https://android.googlesource.com/platform/frameworks/base/+/ba8dfc68aada76127abafdb17d0f0896cc14447a"
],
"spl": "2024-04-01",
"types": [
"ID"
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/eaa129138096bc00b663bca93a5af9786aa47154",
"https://android.googlesource.com/platform/frameworks/base/+/d9c7c85c52c007fdedb177b9f5f98821d0a76090",
"https://android.googlesource.com/platform/frameworks/base/+/93149616ba8255ec82877e43d4b41c2ebd6abf24"
],
"spl": "2024-04-01",
"types": [
"ID"
],
"severity": "High"
}