ASB-A-247513680
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-247513680.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-247513680
- Aliases
-
- A-247513680
- CVE-2023-40074
- Published
- 2023-12-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In saveToXml of PersistableBundle.java, invalid data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2023-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 518.0,
"function_hash": "267512008066296561381844851244402387960"
},
"id": "ASB-A-247513680-37dc9313",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "restoreFromXml"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"335282400676909007198189579806973875376",
"313377180876029932701584323606454940357",
"49191771678504042421229072001716217387",
"165082012955934931444442691103829076722",
"171373983533471173072069470468802170121",
"89587191701922574269508442052068704054",
"288904276873894485354625582485196650723",
"268719844208791716186478239131942756537",
"160397782022123331563978249287854259354",
"208040751545726698537702071492358863495",
"228715143219874404794202316155364547919",
"180923771756476266762609236708114620932",
"103305832906002570009287622783201884120",
"99179444259475409224612380988953210066",
"220077003364349656641780221081718589986",
"111020136450179190085524194418929860278",
"37623338316805869855736835862729954311",
"281430182595358735871103833204118439695",
"111037008887075559029110783837851953036",
"50621477271003086277085850527081432043",
"205321669719855700167826044676474010200",
"204236554134973708632948214781412074219",
"220396214190152476469760552190838946152",
"154017994443169601757563704908388295362",
"129788909839540923603409831840819246781",
"219174354950100910028049065839540247722",
"112312775038100873395006501184461229102",
"146097743238151581622320555042919676748",
"232390452770801584865268269564417120752",
"128353176315902470959297590780278342677",
"309087419376314231084662827774097264074",
"129019045967058005927470823990242790827",
"218783291187605193282463437346025671148",
"143449464993321812397091481521843397753",
"104657244465174978547602034516785375163",
"12423699834451907165888158585440478944",
"174659271940342464576097676426084565447"
],
"threshold": 0.9
},
"id": "ASB-A-247513680-3de13f98",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06",
"target": {
"file": "core/java/android/os/PersistableBundle.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 545.0,
"function_hash": "5492349018398459536682394294984597411"
},
"id": "ASB-A-247513680-850e31da",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Function",
"digest": {
"length": 139.0,
"function_hash": "107238124957364775536419459039214913128"
},
"id": "ASB-A-247513680-c31bdeb8",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "saveToXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 60.0,
"function_hash": "101494772296260205954621633415969316634"
},
"id": "ASB-A-247513680-fbe8ad83",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/666e8ac60a31e2cc52b335b41004263f28a8db06"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2023-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 139.0,
"function_hash": "107238124957364775536419459039214913128"
},
"id": "ASB-A-247513680-6b03b165",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "saveToXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 486.0,
"function_hash": "149976608711873720900248940724378527337"
},
"id": "ASB-A-247513680-7a89c5f7",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "restoreFromXml"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"335282400676909007198189579806973875376",
"183074791463621510251053893792051150043",
"281012209318440983864959249841651473841",
"77465122452324125269547007365397237843",
"136874095998427669504962480366026252415",
"89587191701922574269508442052068704054",
"288904276873894485354625582485196650723",
"268719844208791716186478239131942756537",
"253583698187098684673806160791370126322",
"62186405358253308561293668607755559037",
"61753658436234318814018966694921470724",
"181054039962255261217069956404629018046",
"103305832906002570009287622783201884120",
"99179444259475409224612380988953210066",
"220077003364349656641780221081718589986",
"111020136450179190085524194418929860278",
"37623338316805869855736835862729954311",
"281430182595358735871103833204118439695",
"111037008887075559029110783837851953036",
"50621477271003086277085850527081432043",
"205321669719855700167826044676474010200",
"204236554134973708632948214781412074219",
"220396214190152476469760552190838946152",
"154017994443169601757563704908388295362",
"129788909839540923603409831840819246781",
"219174354950100910028049065839540247722",
"26896269911528299561823314168180224845",
"7437941762935893097458351938847521780",
"858429665523929065726667318766246280",
"128353176315902470959297590780278342677",
"309087419376314231084662827774097264074",
"129019045967058005927470823990242790827",
"218783291187605193282463437346025671148",
"143449464993321812397091481521843397753",
"104657244465174978547602034516785375163",
"12423699834451907165888158585440478944",
"269858155423756344676264057247744951319"
],
"threshold": 0.9
},
"id": "ASB-A-247513680-b4161e9f",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9",
"target": {
"file": "core/java/android/os/PersistableBundle.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 545.0,
"function_hash": "5492349018398459536682394294984597411"
},
"id": "ASB-A-247513680-da80ca79",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Function",
"digest": {
"length": 60.0,
"function_hash": "101494772296260205954621633415969316634"
},
"id": "ASB-A-247513680-fd0274a3",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/62b37ab21ce27746a79a2071deee98c61b23c8d9"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2023-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"335282400676909007198189579806973875376",
"313377180876029932701584323606454940357",
"49191771678504042421229072001716217387",
"165082012955934931444442691103829076722",
"136874095998427669504962480366026252415",
"89587191701922574269508442052068704054",
"288904276873894485354625582485196650723",
"268719844208791716186478239131942756537",
"253583698187098684673806160791370126322",
"62186405358253308561293668607755559037",
"61753658436234318814018966694921470724",
"181054039962255261217069956404629018046",
"103305832906002570009287622783201884120",
"99179444259475409224612380988953210066",
"220077003364349656641780221081718589986",
"111020136450179190085524194418929860278",
"37623338316805869855736835862729954311",
"281430182595358735871103833204118439695",
"111037008887075559029110783837851953036",
"50621477271003086277085850527081432043",
"205321669719855700167826044676474010200",
"204236554134973708632948214781412074219",
"220396214190152476469760552190838946152",
"154017994443169601757563704908388295362",
"129788909839540923603409831840819246781",
"219174354950100910028049065839540247722",
"112312775038100873395006501184461229102",
"146097743238151581622320555042919676748",
"232390452770801584865268269564417120752",
"128353176315902470959297590780278342677",
"309087419376314231084662827774097264074",
"129019045967058005927470823990242790827",
"218783291187605193282463437346025671148",
"143449464993321812397091481521843397753",
"104657244465174978547602034516785375163",
"12423699834451907165888158585440478944",
"269858155423756344676264057247744951319"
],
"threshold": 0.9
},
"id": "ASB-A-247513680-1d4cd093",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4",
"target": {
"file": "core/java/android/os/PersistableBundle.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 510.0,
"function_hash": "232420018912174287506438556098705718188"
},
"id": "ASB-A-247513680-93f216a6",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "restoreFromXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 60.0,
"function_hash": "101494772296260205954621633415969316634"
},
"id": "ASB-A-247513680-984ae0e7",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Function",
"digest": {
"length": 139.0,
"function_hash": "107238124957364775536419459039214913128"
},
"id": "ASB-A-247513680-ed17d3d3",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "saveToXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 545.0,
"function_hash": "5492349018398459536682394294984597411"
},
"id": "ASB-A-247513680-fa4cc6ca",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/0e0819c9d6a957e56764c89e68542bb51bdb7db4"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2023-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 545.0,
"function_hash": "5492349018398459536682394294984597411"
},
"id": "ASB-A-247513680-1ef80cfb",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Function",
"digest": {
"length": 510.0,
"function_hash": "232420018912174287506438556098705718188"
},
"id": "ASB-A-247513680-468b8e6e",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "restoreFromXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 60.0,
"function_hash": "101494772296260205954621633415969316634"
},
"id": "ASB-A-247513680-78a0893a",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"335282400676909007198189579806973875376",
"313377180876029932701584323606454940357",
"49191771678504042421229072001716217387",
"165082012955934931444442691103829076722",
"136874095998427669504962480366026252415",
"89587191701922574269508442052068704054",
"288904276873894485354625582485196650723",
"268719844208791716186478239131942756537",
"253583698187098684673806160791370126322",
"62186405358253308561293668607755559037",
"61753658436234318814018966694921470724",
"181054039962255261217069956404629018046",
"103305832906002570009287622783201884120",
"99179444259475409224612380988953210066",
"220077003364349656641780221081718589986",
"111020136450179190085524194418929860278",
"37623338316805869855736835862729954311",
"281430182595358735871103833204118439695",
"111037008887075559029110783837851953036",
"50621477271003086277085850527081432043",
"205321669719855700167826044676474010200",
"204236554134973708632948214781412074219",
"220396214190152476469760552190838946152",
"154017994443169601757563704908388295362",
"129788909839540923603409831840819246781",
"219174354950100910028049065839540247722",
"112312775038100873395006501184461229102",
"146097743238151581622320555042919676748",
"232390452770801584865268269564417120752",
"128353176315902470959297590780278342677",
"309087419376314231084662827774097264074",
"129019045967058005927470823990242790827",
"218783291187605193282463437346025671148",
"143449464993321812397091481521843397753",
"104657244465174978547602034516785375163",
"12423699834451907165888158585440478944",
"269858155423756344676264057247744951319"
],
"threshold": 0.9
},
"id": "ASB-A-247513680-94d1bc9c",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054",
"target": {
"file": "core/java/android/os/PersistableBundle.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 139.0,
"function_hash": "107238124957364775536419459039214913128"
},
"id": "ASB-A-247513680-a9d825f2",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "saveToXml"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a495a282660940657ed20670c35c6d83fa1de054"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2023-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 545.0,
"function_hash": "5492349018398459536682394294984597411"
},
"id": "ASB-A-247513680-31855e96",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"335282400676909007198189579806973875376",
"313377180876029932701584323606454940357",
"49191771678504042421229072001716217387",
"165082012955934931444442691103829076722",
"171373983533471173072069470468802170121",
"89587191701922574269508442052068704054",
"288904276873894485354625582485196650723",
"268719844208791716186478239131942756537",
"160397782022123331563978249287854259354",
"208040751545726698537702071492358863495",
"228715143219874404794202316155364547919",
"180923771756476266762609236708114620932",
"103305832906002570009287622783201884120",
"99179444259475409224612380988953210066",
"220077003364349656641780221081718589986",
"111020136450179190085524194418929860278",
"37623338316805869855736835862729954311",
"281430182595358735871103833204118439695",
"111037008887075559029110783837851953036",
"50621477271003086277085850527081432043",
"205321669719855700167826044676474010200",
"204236554134973708632948214781412074219",
"220396214190152476469760552190838946152",
"154017994443169601757563704908388295362",
"129788909839540923603409831840819246781",
"219174354950100910028049065839540247722",
"112312775038100873395006501184461229102",
"146097743238151581622320555042919676748",
"232390452770801584865268269564417120752",
"128353176315902470959297590780278342677",
"309087419376314231084662827774097264074",
"129019045967058005927470823990242790827",
"218783291187605193282463437346025671148",
"143449464993321812397091481521843397753",
"104657244465174978547602034516785375163",
"12423699834451907165888158585440478944",
"174659271940342464576097676426084565447"
],
"threshold": 0.9
},
"id": "ASB-A-247513680-78ac622d",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146",
"target": {
"file": "core/java/android/os/PersistableBundle.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 139.0,
"function_hash": "107238124957364775536419459039214913128"
},
"id": "ASB-A-247513680-ae32f362",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "saveToXml"
}
},
{
"signature_type": "Function",
"digest": {
"length": 60.0,
"function_hash": "101494772296260205954621633415969316634"
},
"id": "ASB-A-247513680-db4ee7b0",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "PersistableBundle"
}
},
{
"signature_type": "Function",
"digest": {
"length": 518.0,
"function_hash": "267512008066296561381844851244402387960"
},
"id": "ASB-A-247513680-deaea6c9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146",
"target": {
"file": "core/java/android/os/PersistableBundle.java",
"function": "restoreFromXml"
}
}
],
"types": [
"DoS"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/3c5aa21b4df54c0c0fcbcf00d1b62fa771022146"
]
}