ASB-A-230492947

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-230492947.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-230492947

Aliases

CVE-2024-0036

Published

2024-02-01T00:00:00Z

Modified

2024-07-26T15:04:09Z

Summary

Start foreground activity from background in ActivityTaskManagerService#startNextMatchingActivity

Details

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14-next:0

Fixed

14-next:2024-02-01

Affected versions

Other

14-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/e3c537ddea5ce8b28eeb89300ef602753cfe42a4"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

11:0

Fixed

11:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d8368be4f8fb7019ea24b4798f029301c704092c"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d54a64bdf71d1c91542b6885149fd176622ad0b4"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12L:0

Fixed

12L:2024-02-01

Affected versions

Other

12L

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d54a64bdf71d1c91542b6885149fd176622ad0b4"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3e9da3ec4705b072dbe8a10e8ffc841f4928381c"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}

Android / platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2024-02-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/e1edaa27ea2f6911977556c5bba876a2319d5e2d"
    ],
    "spl": "2024-02-01",
    "types": [
        "EoP"
    ],
    "severity": "High"
}