ASB-A-259938771
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-259938771.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-259938771
- Aliases
-
- A-259938771
- CVE-2023-21104
- Published
- 2023-05-01T00:00:00Z
- Modified
- 2026-04-28T15:17:37.552933Z
- Summary
- [none]
- Details
-
In applySyncTransaction of WindowOrganizer.java, a missing permission check could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/65ac64c3476f42f8437481bff77485f53ab4f391"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"24167277397551134546542269956654826946",
"59354035683255245686438663322948847719",
"141436198444055060434533248862068064600",
"71372327696440544856753655530964729435",
"210089888014606679534144853351660770729"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/65ac64c3476f42f8437481bff77485f53ab4f391",
"target": {
"file": "core/java/android/window/WindowOrganizer.java"
},
"id": "ASB-A-259938771-94e054c1"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"94873515176354498119726965180125014759",
"69134896768068446205333039147865737471",
"43153660374862486007131981049621156825",
"47773090083289433534609771822341692986"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d",
"target": {
"file": "services/core/java/com/android/server/wm/WindowOrganizerController.java"
},
"id": "ASB-A-259938771-1d083d4d"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 146.0,
"function_hash": "125141909306182988522930486158020411585"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d",
"target": {
"function": "applySyncTransaction",
"file": "core/java/android/window/TaskFragmentOrganizer.java"
},
"id": "ASB-A-259938771-c37c9c70"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 515.0,
"function_hash": "85499661603049198270436623753962518799"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d",
"target": {
"function": "applySyncTransaction",
"file": "services/core/java/com/android/server/wm/WindowOrganizerController.java"
},
"id": "ASB-A-259938771-dfe336fc"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"108595815495287482905946503145369390890",
"273699918406182242923181054390688436475",
"170937474303982607169189269718626162175",
"133450629759479855441231124383360709263",
"7496200274902299290492361216841137135",
"156773150231249587012878326627470087874",
"54067275844175185450265451145859420513",
"139008005705741279889019115769842795249",
"301954793450460953634022364525325029661",
"244195558835990736426134245007675438194"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d",
"target": {
"file": "core/java/android/window/TaskFragmentOrganizer.java"
},
"id": "ASB-A-259938771-e14366b9"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"24167277397551134546542269956654826946",
"59354035683255245686438663322948847719",
"141436198444055060434533248862068064600",
"71372327696440544856753655530964729435",
"210089888014606679534144853351660770729"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/9a91f75d298a7fd81367ee89aef4bc2b7d27d80d",
"target": {
"file": "core/java/android/window/WindowOrganizer.java"
},
"id": "ASB-A-259938771-edd0be08"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"108595815495287482905946503145369390890",
"273699918406182242923181054390688436475",
"170937474303982607169189269718626162175",
"133450629759479855441231124383360709263",
"7496200274902299290492361216841137135",
"156773150231249587012878326627470087874",
"54067275844175185450265451145859420513",
"139008005705741279889019115769842795249",
"301954793450460953634022364525325029661",
"244195558835990736426134245007675438194"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718",
"target": {
"file": "core/java/android/window/TaskFragmentOrganizer.java"
},
"id": "ASB-A-259938771-56a13645"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 146.0,
"function_hash": "125141909306182988522930486158020411585"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718",
"target": {
"function": "applySyncTransaction",
"file": "core/java/android/window/TaskFragmentOrganizer.java"
},
"id": "ASB-A-259938771-817d648c"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"24167277397551134546542269956654826946",
"59354035683255245686438663322948847719",
"141436198444055060434533248862068064600",
"71372327696440544856753655530964729435",
"210089888014606679534144853351660770729"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718",
"target": {
"file": "core/java/android/window/WindowOrganizer.java"
},
"id": "ASB-A-259938771-ad972a6d"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 909.0,
"function_hash": "94972001688045139022611512129235857976"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718",
"target": {
"function": "applySyncTransaction",
"file": "services/core/java/com/android/server/wm/WindowOrganizerController.java"
},
"id": "ASB-A-259938771-b416cfee"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"94873515176354498119726965180125014759",
"69134896768068446205333039147865737471",
"43153660374862486007131981049621156825",
"47773090083289433534609771822341692986"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/6d848929eab6249b0ba1b8bd6d454744850b1718",
"target": {
"file": "services/core/java/com/android/server/wm/WindowOrganizerController.java"
},
"id": "ASB-A-259938771-c13d2766"
}
],
"severity": "High"
}