ASB-A-243130512
- Source
- https://storage.googleapis.com/android-osv/ASB-A-243130512.json
- Aliases
-
- CVE-2023-20909
- Published
- 2023-04-01T00:00:00Z
- Modified
- 2023-09-22T14:42:26Z
- Details
-
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
-
- https://source.android.com/security/bulletin/2023-04-01
- https://android.googlesource.com/platform/frameworks/base/+/401e782b244bf84fd5aab371f60c2e52d6226fb3
- https://android.googlesource.com/platform/frameworks/base/+/27bc3e93eb0f767a98af38e4c454187c31472428
- https://android.googlesource.com/platform/frameworks/base/+/6c24ca2e9523a7278660c6328dee00195d210a9d
Affected packages
Android / platform/frameworks/base
Source Details
- Package Name
- platform/frameworks/base
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced11:0Fixed11:2023-04-01Introduced12:0Fixed12:2023-04-01Introduced12L:0Fixed12L:2023-04-01Introduced13:0Fixed13:2023-04-01
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/401e782b244bf84fd5aab371f60c2e52d6226fb3",
"https://android.googlesource.com/platform/frameworks/base/+/27bc3e93eb0f767a98af38e4c454187c31472428",
"https://android.googlesource.com/platform/frameworks/base/+/5ba72200f6a66b5da48c9c3abd103a73aea1ef95"
],
"spl": "2023-04-01",
"types": [
"ID"
],
"severity": "High"
}