ASB-A-257443065

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-257443065.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-257443065
Aliases
Published
2023-07-01T00:00:00Z
Modified
2026-04-27T15:40:08.012512Z
Summary
[none]
Details

In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-07-01

Affected versions

Other
13-next

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "length": 5262.0,
                "function_hash": "59248572480963060094752201320419215239"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf",
            "id": "ASB-A-257443065-310a8784",
            "target": {
                "function": "updateSettingsInternalLI",
                "file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "153467675175800175962888267713453816060",
                    "215537321862713657399570465190911351763",
                    "14756191442787275991622645710270436802",
                    "170982238663646153455825644688940397641",
                    "150142571880650494651637258185062747944",
                    "15635671695272049313199357078984455922",
                    "137425685871481753609245383687888395581"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf",
            "id": "ASB-A-257443065-65ea6b42",
            "target": {
                "file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-257443065.json"

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-07-01

Affected versions

Other
13

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "length": 5068.0,
                "function_hash": "4222137068855988299654110975963124951"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985",
            "id": "ASB-A-257443065-070cf729",
            "target": {
                "function": "updateSettingsInternalLI",
                "file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "151981888837245236717676532140197522632",
                    "6716612515192305523447968849324276043",
                    "228158732552534766263143569986709366128",
                    "234907804752039537257925342169604273720",
                    "249064722261673849036953928188340551639",
                    "212681092029670554093991325374612992516"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985",
            "id": "ASB-A-257443065-b2d33c00",
            "target": {
                "file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-257443065.json"