ASB-A-261036568
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-261036568.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-261036568
- Aliases
-
- A-261036568
- CVE-2023-21105
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2026-04-28T15:17:37.552933Z
- Summary
- [none]
- Details
-
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2a08fce4ebcc156efd3744ed19310815c1120b1c"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"253726217667786760008791040528132999656",
"165167302911885179610450896563829207823",
"308198263087350105219476252789194270748",
"33148234405229051030539775887061536342",
"201306625178986713830207582548032348741",
"64626392253400362784024705491591654332",
"211966680561740497663714364541390396657",
"116153715281298713921740752927747948301",
"29184445118983394318225779446664608360",
"115750373127915952869675036398917464525",
"326650116780486453560701669483210725806",
"236700874485000914452409146321181107154",
"310698022803936998611094094720741513342",
"119038689631925699356694708896154400916",
"217283487424805603317170886823554103492",
"95969329680756161589316170143870448628",
"259070882552151056206184815966693850678",
"88912497356020192797924013533262549676",
"229514256451205907132793163232077046191",
"261032593118902846775410064039241912448",
"39576133507403248033081898993184736915",
"139767485848797280636432058604744442565",
"165279467349875780587234856267300500637",
"174460412890091727653647537449447150126",
"246340357046729087773355927381921432107",
"92110331819432746662594647684344581925",
"76032597784933121096796574793930000095",
"130865442130004600818944995883347485051",
"179475362227689087644960463271347172283",
"83366769743593306496754744198464650022"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/2a08fce4ebcc156efd3744ed19310815c1120b1c",
"target": {
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-2cedbf94"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1907.0,
"function_hash": "264222624834481844436079774627810762778"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/2a08fce4ebcc156efd3744ed19310815c1120b1c",
"target": {
"function": "displayImageContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-6eb89fbd"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1317.0,
"function_hash": "154106042623120946850607109636437335418"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/2a08fce4ebcc156efd3744ed19310815c1120b1c",
"target": {
"function": "displayTextContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-84373d6b"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1523.0,
"function_hash": "20520372287395268877369801923921441654"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/2a08fce4ebcc156efd3744ed19310815c1120b1c",
"target": {
"function": "displayFileContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-85e5efed"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/3062b80fb28014a7482d5fa8b2a5c852134a5845"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"72676619473570312338203408579459634006",
"279118738397569944925485559297762383710",
"253069371952622863841175709163592283731",
"90505955476097507459160713676842886738",
"101607602290044009287384226133798139799",
"29184445118983394318225779446664608360",
"115750373127915952869675036398917464525",
"326650116780486453560701669483210725806",
"236700874485000914452409146321181107154",
"249465837092934972216219783017613178809",
"109962230902670873959883426227661376359",
"24755993164753130054758367243104706440",
"326627262522977312872328903859680589951",
"122299229796650537733704690352280622000",
"88912497356020192797924013533262549676",
"229514256451205907132793163232077046191",
"261032593118902846775410064039241912448",
"107671859472151350138955221757669390837",
"104624233187743576306487380385516631443",
"229882986999134343761249696115303910731",
"16104477654381492871598930470273699266",
"17891085158116565178803411736752737802",
"77344918543907350838286617376646018070",
"1675914478338312951510863546296340483",
"130865442130004600818944995883347485051",
"179475362227689087644960463271347172283",
"83366769743593306496754744198464650022"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3062b80fb28014a7482d5fa8b2a5c852134a5845",
"target": {
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-11e71ceb"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1483.0,
"function_hash": "168480907997865735293421016998304914791"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3062b80fb28014a7482d5fa8b2a5c852134a5845",
"target": {
"function": "displayImageContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-2acf9479"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1293.0,
"function_hash": "313410474153800703818554734132834865285"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3062b80fb28014a7482d5fa8b2a5c852134a5845",
"target": {
"function": "displayTextContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-36581d52"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1334.0,
"function_hash": "242379224209021669729012863555297129034"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3062b80fb28014a7482d5fa8b2a5c852134a5845",
"target": {
"function": "displayFileContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-a328ab6c"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/e66544a48fca830dc9a12efcf8ce828c3df4cba2"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"72676619473570312338203408579459634006",
"279118738397569944925485559297762383710",
"253069371952622863841175709163592283731",
"90505955476097507459160713676842886738",
"101607602290044009287384226133798139799",
"29184445118983394318225779446664608360",
"115750373127915952869675036398917464525",
"326650116780486453560701669483210725806",
"236700874485000914452409146321181107154",
"2475584891144383762654666340009100521",
"54629919407639739298443381694112607715",
"49560251725040251662533853590902787283",
"129878659345110227341270293465588378288",
"122299229796650537733704690352280622000",
"88912497356020192797924013533262549676",
"229514256451205907132793163232077046191",
"261032593118902846775410064039241912448",
"107671859472151350138955221757669390837",
"104624233187743576306487380385516631443",
"229882986999134343761249696115303910731",
"16104477654381492871598930470273699266",
"17891085158116565178803411736752737802",
"77344918543907350838286617376646018070",
"1675914478338312951510863546296340483",
"130865442130004600818944995883347485051",
"179475362227689087644960463271347172283",
"83366769743593306496754744198464650022"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e66544a48fca830dc9a12efcf8ce828c3df4cba2",
"target": {
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-32fe74b6"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1334.0,
"function_hash": "242379224209021669729012863555297129034"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e66544a48fca830dc9a12efcf8ce828c3df4cba2",
"target": {
"function": "displayFileContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-847cf0e9"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1851.0,
"function_hash": "146855786625821132407457593341786259978"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e66544a48fca830dc9a12efcf8ce828c3df4cba2",
"target": {
"function": "displayImageContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-b01237da"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1293.0,
"function_hash": "313410474153800703818554734132834865285"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e66544a48fca830dc9a12efcf8ce828c3df4cba2",
"target": {
"function": "displayTextContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-cfa4af85"
}
],
"severity": "High"
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/fa83e125d14e458545086d16f2e7d1051812dabc"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1317.0,
"function_hash": "154106042623120946850607109636437335418"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/fa83e125d14e458545086d16f2e7d1051812dabc",
"target": {
"function": "displayTextContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-5e93a784"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1875.0,
"function_hash": "70208145209126104427639452525149750083"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/fa83e125d14e458545086d16f2e7d1051812dabc",
"target": {
"function": "displayImageContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-6f476f8e"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1491.0,
"function_hash": "86358525133426936273093614594678328156"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/fa83e125d14e458545086d16f2e7d1051812dabc",
"target": {
"function": "displayFileContentPreview",
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-b88ce3a2"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"317175481891830028875890499286253248406",
"293354176801787657407705197700276615103",
"36688713616265519136584952290530122639",
"305509367021691055189845973402872054971",
"116153715281298713921740752927747948301",
"29184445118983394318225779446664608360",
"115750373127915952869675036398917464525",
"326650116780486453560701669483210725806",
"236700874485000914452409146321181107154",
"2475584891144383762654666340009100521",
"54629919407639739298443381694112607715",
"49560251725040251662533853590902787283",
"129878659345110227341270293465588378288",
"122299229796650537733704690352280622000",
"88912497356020192797924013533262549676",
"229514256451205907132793163232077046191",
"261032593118902846775410064039241912448",
"221258311919769997448031507497479780756",
"104624233187743576306487380385516631443",
"229882986999134343761249696115303910731",
"16104477654381492871598930470273699266",
"17891085158116565178803411736752737802",
"77344918543907350838286617376646018070",
"1675914478338312951510863546296340483",
"130865442130004600818944995883347485051",
"179475362227689087644960463271347172283",
"83366769743593306496754744198464650022"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/fa83e125d14e458545086d16f2e7d1051812dabc",
"target": {
"file": "core/java/com/android/internal/app/ChooserActivity.java"
},
"id": "ASB-A-261036568-d320df11"
}
],
"severity": "High"
}