ASB-A-261589597
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-261589597.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-261589597
- Aliases
-
- A-261589597
- CVE-2023-21109
- Published
- 2023-05-01T00:00:00Z
- Modified
- 2026-04-28T15:17:37.552933Z
- Summary
- [none]
- Details
-
In multiple places of AccessibilityService, there is a possible way to hide the app from the user due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": true,
"digest": {
"line_hashes": [
"48694407734698710333817151001293651637",
"314536423431872940325646138748132163141",
"158041874584000712439746295766875668738",
"329939988617601460708251749600273920647"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-2d03f03d"
},
{
"match_only_versions": [
"13-next"
],
"signature_type": "Line",
"deprecated": true,
"digest": {
"line_hashes": [
"147900558044786314545792267672359057071",
"305030024658995885760197020537217538051",
"34580958047436048544740729871600899808",
"63745783541070982358345387298588196107"
],
"threshold": 0.9
},
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-80c396fd",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693",
"signature_version": "v1"
},
{
"match_only_versions": [
"13-next"
],
"signature_type": "Function",
"deprecated": true,
"digest": {
"length": 424.0,
"function_hash": "165698572771369437219152039154783444871"
},
"target": {
"function": "sendServiceInfo",
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-b6f86095",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693",
"signature_version": "v1"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": true,
"digest": {
"length": 1392.0,
"function_hash": "327644116232500776411480852830376714587"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693",
"target": {
"function": "readInstalledAccessibilityServiceLocked",
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-b7f90edc"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": true,
"digest": {
"line_hashes": [
"170037414358564621991525497824986822371",
"244205176284508835220576540860640103823",
"118372462599051336567357512769278181216",
"314577834603114930318408273265161439235",
"97382286431948649308030780653505556793",
"233867508006465175029397194017396114778",
"98606073892487192750627463589260288854"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/c909ac47796c74c7c7aeb661424af4ce2292d693",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityServiceInfo.java"
},
"id": "ASB-A-261589597-f758204d"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"170037414358564621991525497824986822371",
"244205176284508835220576540860640103823",
"118372462599051336567357512769278181216",
"314577834603114930318408273265161439235",
"97382286431948649308030780653505556793",
"233867508006465175029397194017396114778",
"98606073892487192750627463589260288854"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityServiceInfo.java"
},
"id": "ASB-A-261589597-3bc0e283"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1392.0,
"function_hash": "327644116232500776411480852830376714587"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "readInstalledAccessibilityServiceLocked",
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-3e315a52"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 400.0,
"function_hash": "291975609762650079011159303815140279746"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "sendServiceInfo",
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-94b2da83"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"161630145876711414564351607509148585028",
"208779422458420669090741997733246251966",
"53421519010825774745735383141132778459",
"63745783541070982358345387298588196107"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-9bb88a62"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"48694407734698710333817151001293651637",
"314536423431872940325646138748132163141",
"158041874584000712439746295766875668738",
"329939988617601460708251749600273920647"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-f10861cb"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 400.0,
"function_hash": "291975609762650079011159303815140279746"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "sendServiceInfo",
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-1ab4ea24"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"48694407734698710333817151001293651637",
"314536423431872940325646138748132163141",
"158041874584000712439746295766875668738",
"329939988617601460708251749600273920647"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-2a3eff5a"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1392.0,
"function_hash": "327644116232500776411480852830376714587"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "readInstalledAccessibilityServiceLocked",
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-6fc63038"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"161630145876711414564351607509148585028",
"208779422458420669090741997733246251966",
"53421519010825774745735383141132778459",
"63745783541070982358345387298588196107"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-797cbd00"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"170037414358564621991525497824986822371",
"244205176284508835220576540860640103823",
"118372462599051336567357512769278181216",
"314577834603114930318408273265161439235",
"97382286431948649308030780653505556793",
"233867508006465175029397194017396114778",
"98606073892487192750627463589260288854"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityServiceInfo.java"
},
"id": "ASB-A-261589597-de61399c"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"48694407734698710333817151001293651637",
"314536423431872940325646138748132163141",
"158041874584000712439746295766875668738",
"329939988617601460708251749600273920647"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-027c2757"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1392.0,
"function_hash": "327644116232500776411480852830376714587"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "readInstalledAccessibilityServiceLocked",
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-2b4a7cfa"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"170037414358564621991525497824986822371",
"244205176284508835220576540860640103823",
"118372462599051336567357512769278181216",
"314577834603114930318408273265161439235",
"97382286431948649308030780653505556793",
"233867508006465175029397194017396114778",
"98606073892487192750627463589260288854"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityServiceInfo.java"
},
"id": "ASB-A-261589597-481d026d"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 400.0,
"function_hash": "291975609762650079011159303815140279746"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "sendServiceInfo",
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-ae8f7c85"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"161630145876711414564351607509148585028",
"208779422458420669090741997733246251966",
"53421519010825774745735383141132778459",
"63745783541070982358345387298588196107"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-f884e09c"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"170037414358564621991525497824986822371",
"244205176284508835220576540860640103823",
"118372462599051336567357512769278181216",
"314577834603114930318408273265161439235",
"97382286431948649308030780653505556793",
"233867508006465175029397194017396114778",
"98606073892487192750627463589260288854"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityServiceInfo.java"
},
"id": "ASB-A-261589597-106d560a"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 400.0,
"function_hash": "291975609762650079011159303815140279746"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "sendServiceInfo",
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-20867de9"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"161630145876711414564351607509148585028",
"208779422458420669090741997733246251966",
"53421519010825774745735383141132778459",
"63745783541070982358345387298588196107"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "core/java/android/accessibilityservice/AccessibilityService.java"
},
"id": "ASB-A-261589597-48184e17"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1392.0,
"function_hash": "327644116232500776411480852830376714587"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"function": "readInstalledAccessibilityServiceLocked",
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-5a86d5d4"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"48694407734698710333817151001293651637",
"314536423431872940325646138748132163141",
"158041874584000712439746295766875668738",
"329939988617601460708251749600273920647"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/553232c29079fbeab28f95307d025c1426aa7142",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
},
"id": "ASB-A-261589597-c160e3ad"
}
],
"severity": "High"
}