ASB-A-251778420
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-251778420.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-251778420
- Aliases
-
- A-251778420
- CVE-2023-20953
- Published
- 2023-03-01T00:00:00Z
- Modified
- 2026-04-29T15:10:00.007170Z
- Summary
- [none]
- Details
-
In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-03-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/828a0f4119dc9fcc4d37b7bebf273e50ad9452f8"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"156089486446672276104939384709799485012",
"247489564588645683066041968166888899408",
"159333107798570288722831522931981089116",
"7779789082296313623919544458835083841"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/828a0f4119dc9fcc4d37b7bebf273e50ad9452f8",
"target": {
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardOverlayEvent.java"
},
"id": "ASB-A-251778420-1ba90f53"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 370.0,
"function_hash": "163616617409505397925772287913492927131"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/828a0f4119dc9fcc4d37b7bebf273e50ad9452f8",
"target": {
"function": "ClipboardListener",
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-e65b21b2"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"309581880082468664890615874362150298307",
"290713473686484743134435199018660868192",
"125086800664531810233244192573394945604",
"213397167234201302211258576993310905521",
"278022484617456028622226787674637850115",
"223822114968220071995820990362281277239",
"60254624148788914146812642766198597675",
"122477520417919189248448050365781709757",
"131612434293971132997415771018155786932",
"269608855099054148987306395709298825063",
"122452521751584533698827875918308582641",
"74404033281583706059496170027092788709",
"19406050301543940170011858521462660821",
"257953885181127943614555779612410865412",
"151674660547208224282796242661472765441",
"241456740878156651035435419854837801161",
"271939621894415413819538425139888966960",
"286854077548159339452735490885179277316",
"12032462277226907458175941468009316201",
"193313797412553161777221056153129801807",
"248560729695152217155726981239557645810",
"156321972731938097640597609995111951200",
"75738616800887975703766665217168134669",
"108942948949134335390799107156065291892",
"70759375248159447586080211205304490687",
"63117889591247637637495899209034550212",
"95057946815911575937226800607872892391",
"334913295936487476872037364203414688009",
"310139932874319052922534928380921507855",
"229863061187885724883184160459852161773"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/828a0f4119dc9fcc4d37b7bebf273e50ad9452f8",
"target": {
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-f7763afd"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 858.0,
"function_hash": "219351335013367947261065571847453308197"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/828a0f4119dc9fcc4d37b7bebf273e50ad9452f8",
"target": {
"function": "onPrimaryClipChanged",
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-fd45b4c8"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-03-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/d7a278b39b01cc702b662be8b34bce1d57a9c1bc"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"309581880082468664890615874362150298307",
"290713473686484743134435199018660868192",
"125086800664531810233244192573394945604",
"213397167234201302211258576993310905521",
"278022484617456028622226787674637850115",
"223822114968220071995820990362281277239",
"60254624148788914146812642766198597675",
"122477520417919189248448050365781709757",
"131612434293971132997415771018155786932",
"125779980347631476019928671724312763687",
"169493190944002751429899487613272271182",
"66879199921287805607875445529951955848",
"314842808877825538817675070553731191825",
"25229828275610777341056241225813543088",
"281089925387180210179754115820347940627",
"170124664270987702032518632205966714408",
"195365186065560602252128432150883688526",
"104183916122917838078245832284816992076",
"98812802323807388100124691672265923753",
"74503409301123797152219791772415137143",
"330786941628146078507284131374059267072",
"203857675260388581819490843047309835141",
"52755846890464675160805277348157355398",
"70759375248159447586080211205304490687",
"63117889591247637637495899209034550212",
"95057946815911575937226800607872892391",
"255968344502106778106651872309622454916"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d7a278b39b01cc702b662be8b34bce1d57a9c1bc",
"target": {
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-19954fb6"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 205.0,
"function_hash": "183291673990674099932770244616853195957"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d7a278b39b01cc702b662be8b34bce1d57a9c1bc",
"target": {
"function": "ClipboardListener",
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-c3f65ed1"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 700.0,
"function_hash": "279707309442175443040838845589895096753"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d7a278b39b01cc702b662be8b34bce1d57a9c1bc",
"target": {
"function": "onPrimaryClipChanged",
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardListener.java"
},
"id": "ASB-A-251778420-ca61cee5"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"156089486446672276104939384709799485012",
"247489564588645683066041968166888899408",
"159333107798570288722831522931981089116",
"7779789082296313623919544458835083841"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/d7a278b39b01cc702b662be8b34bce1d57a9c1bc",
"target": {
"file": "packages/SystemUI/src/com/android/systemui/clipboardoverlay/ClipboardOverlayEvent.java"
},
"id": "ASB-A-251778420-d886441c"
}
],
"severity": "High"
}