ASB-A-265015796
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-265015796.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-265015796
- Aliases
-
- A-265015796
- CVE-2023-21131
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2026-04-28T15:17:37.552933Z
- Summary
- [none]
- Details
-
In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1357.0,
"function_hash": "126667157862992427433369528170749915470"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"function": "checkKeyIntent",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-1ec0f71f"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"269279726235430834764489983668303619838",
"301224970527528093857810951546620913378",
"21632083541574899027784884738572544808",
"4845074139378926213251432966634929394",
"320216593919433781621935692553782658334",
"324837120757869052253621695671215606261",
"251119019915510195351260001878140273028",
"254874581105462892909677502338533864400",
"142086462005718979998326854186549052833",
"175095796486878655846427029602433457625",
"142698784215887767922290825670245646189",
"10108048241515839246863293803886664129",
"255972344253536343053766771728880192920",
"90710581335430139946644631752229268697",
"38052643692161471399819362323589378100",
"297527544305584402684091488961664188139",
"140884936251336567771304088220050665775"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-22efd9f7"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1829.0,
"function_hash": "159812158505881692603263724157810429103"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"function": "startAddAccountSession",
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-3fb52d72"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"143566305696549729250864797577073939561",
"237911787562081032811532570904034081774",
"89237235422803990013979387293218386727",
"258778326798078190204209901010877057539",
"145003715184701734149269194664031412738",
"103634752343492226123316120153807405817",
"283472481419056861986397542446129973637",
"240358671385401931374510550252436498065"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java"
},
"id": "ASB-A-265015796-9fbf166a"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 409.0,
"function_hash": "269099889183086233890055092617498564435"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"function": "checkKeyIntentParceledCorrectly",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-c4abe529"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"45948630037709568820452494792232919816",
"34958516450218475959801359463520909847",
"314125733985499676275220318918945810805",
"102361261050912304624631272624197807995",
"336516437240532901905451514394087270457",
"304062951215594446792620591010380672916",
"309559088534552329809466612778027109779",
"182152067414903247376724271560502768759",
"279710915710661289844876685284334949757",
"209302156857942646960233017042372488863",
"33066578238356257485160908839629263424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/e53a96304352e2965176c8d32ac1b504e52ef185",
"target": {
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-cb53e2c5"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1368.0,
"function_hash": "134427852295498243245548412185747219053"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"function": "checkKeyIntent",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-1e0d540b"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"143566305696549729250864797577073939561",
"237911787562081032811532570904034081774",
"89237235422803990013979387293218386727",
"258778326798078190204209901010877057539",
"145003715184701734149269194664031412738",
"103634752343492226123316120153807405817",
"283472481419056861986397542446129973637",
"240358671385401931374510550252436498065"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java"
},
"id": "ASB-A-265015796-1e1d1958"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"45948630037709568820452494792232919816",
"34958516450218475959801359463520909847",
"314125733985499676275220318918945810805",
"102361261050912304624631272624197807995",
"130191105519504475699726976314981713920",
"305600613251274760190282936265020246449",
"16189201188266487278709774551804721771",
"182152067414903247376724271560502768759",
"279710915710661289844876685284334949757",
"209302156857942646960233017042372488863",
"33066578238356257485160908839629263424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-5fa05811"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 377.0,
"function_hash": "30346023895425935454475021047545318937"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"function": "checkKeyIntentParceledCorrectly",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-8995d6d3"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1829.0,
"function_hash": "159812158505881692603263724157810429103"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"function": "startAddAccountSession",
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-8d411cfa"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"269279726235430834764489983668303619838",
"301224970527528093857810951546620913378",
"21632083541574899027784884738572544808",
"4845074139378926213251432966634929394",
"320216593919433781621935692553782658334",
"324837120757869052253621695671215606261",
"251119019915510195351260001878140273028",
"254874581105462892909677502338533864400",
"142086462005718979998326854186549052833",
"175095796486878655846427029602433457625",
"142698784215887767922290825670245646189",
"10108048241515839246863293803886664129",
"255972344253536343053766771728880192920",
"90710581335430139946644631752229268697",
"38052643692161471399819362323589378100",
"297527544305584402684091488961664188139",
"140884936251336567771304088220050665775"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/92114886bdce8467c52c655c186f3e7ab1e134d8",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-cac94b5b"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1829.0,
"function_hash": "159812158505881692603263724157810429103"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"function": "startAddAccountSession",
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-264fb8f7"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"269279726235430834764489983668303619838",
"301224970527528093857810951546620913378",
"21632083541574899027784884738572544808",
"4845074139378926213251432966634929394",
"320216593919433781621935692553782658334",
"324837120757869052253621695671215606261",
"251119019915510195351260001878140273028",
"254874581105462892909677502338533864400",
"142086462005718979998326854186549052833",
"175095796486878655846427029602433457625",
"142698784215887767922290825670245646189",
"10108048241515839246863293803886664129",
"255972344253536343053766771728880192920",
"90710581335430139946644631752229268697",
"38052643692161471399819362323589378100",
"297527544305584402684091488961664188139",
"140884936251336567771304088220050665775"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-59f5082f"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 377.0,
"function_hash": "30346023895425935454475021047545318937"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"function": "checkKeyIntentParceledCorrectly",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-648eb966"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1374.0,
"function_hash": "249424314480977025865006628511544501288"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"function": "checkKeyIntent",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-8aeabf15"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"45948630037709568820452494792232919816",
"34958516450218475959801359463520909847",
"314125733985499676275220318918945810805",
"102361261050912304624631272624197807995",
"336516437240532901905451514394087270457",
"304062951215594446792620591010380672916",
"309559088534552329809466612778027109779",
"182152067414903247376724271560502768759",
"279710915710661289844876685284334949757",
"209302156857942646960233017042372488863",
"33066578238356257485160908839629263424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-a151cf0d"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"143566305696549729250864797577073939561",
"237911787562081032811532570904034081774",
"89237235422803990013979387293218386727",
"258778326798078190204209901010877057539",
"145003715184701734149269194664031412738",
"103634752343492226123316120153807405817",
"283472481419056861986397542446129973637",
"240358671385401931374510550252436498065"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5e01f68bdabe8aa7154e1ed936235b5304f4c0cd",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java"
},
"id": "ASB-A-265015796-d75b92b6"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 377.0,
"function_hash": "30346023895425935454475021047545318937"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"function": "checkKeyIntentParceledCorrectly",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-632b4107"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"143566305696549729250864797577073939561",
"237911787562081032811532570904034081774",
"89237235422803990013979387293218386727",
"258778326798078190204209901010877057539",
"145003715184701734149269194664031412738",
"103634752343492226123316120153807405817",
"283472481419056861986397542446129973637",
"240358671385401931374510550252436498065"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java"
},
"id": "ASB-A-265015796-98321bc2"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1829.0,
"function_hash": "159812158505881692603263724157810429103"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"function": "startAddAccountSession",
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-a081d82e"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"269279726235430834764489983668303619838",
"301224970527528093857810951546620913378",
"21632083541574899027784884738572544808",
"4845074139378926213251432966634929394",
"320216593919433781621935692553782658334",
"324837120757869052253621695671215606261",
"251119019915510195351260001878140273028",
"254874581105462892909677502338533864400",
"142086462005718979998326854186549052833",
"175095796486878655846427029602433457625",
"142698784215887767922290825670245646189",
"10108048241515839246863293803886664129",
"255972344253536343053766771728880192920",
"90710581335430139946644631752229268697",
"38052643692161471399819362323589378100",
"297527544305584402684091488961664188139",
"140884936251336567771304088220050665775"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-b19b699d"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1374.0,
"function_hash": "249424314480977025865006628511544501288"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"function": "checkKeyIntent",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-c8901725"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"45948630037709568820452494792232919816",
"34958516450218475959801359463520909847",
"314125733985499676275220318918945810805",
"102361261050912304624631272624197807995",
"336516437240532901905451514394087270457",
"304062951215594446792620591010380672916",
"309559088534552329809466612778027109779",
"182152067414903247376724271560502768759",
"279710915710661289844876685284334949757",
"209302156857942646960233017042372488863",
"33066578238356257485160908839629263424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/a90f96a4c4e6b4b80a0556995751fdbe5e905aeb",
"target": {
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-e406e971"
}
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1357.0,
"function_hash": "126667157862992427433369528170749915470"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"function": "checkKeyIntent",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-17d3d5ef"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"269279726235430834764489983668303619838",
"301224970527528093857810951546620913378",
"21632083541574899027784884738572544808",
"4845074139378926213251432966634929394",
"320216593919433781621935692553782658334",
"324837120757869052253621695671215606261",
"251119019915510195351260001878140273028",
"254874581105462892909677502338533864400",
"142086462005718979998326854186549052833",
"175095796486878655846427029602433457625",
"142698784215887767922290825670245646189",
"10108048241515839246863293803886664129",
"255972344253536343053766771728880192920",
"90710581335430139946644631752229268697",
"38052643692161471399819362323589378100",
"297527544305584402684091488961664188139",
"140884936251336567771304088220050665775"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-3aaf61cc"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"45948630037709568820452494792232919816",
"34958516450218475959801359463520909847",
"314125733985499676275220318918945810805",
"102361261050912304624631272624197807995",
"336516437240532901905451514394087270457",
"304062951215594446792620591010380672916",
"309559088534552329809466612778027109779",
"182152067414903247376724271560502768759",
"279710915710661289844876685284334949757",
"209302156857942646960233017042372488863",
"33066578238356257485160908839629263424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-67220105"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 409.0,
"function_hash": "269099889183086233890055092617498564435"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"function": "checkKeyIntentParceledCorrectly",
"file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
},
"id": "ASB-A-265015796-6cfae03a"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 1829.0,
"function_hash": "159812158505881692603263724157810429103"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"function": "startAddAccountSession",
"file": "services/tests/servicestests/src/com/android/server/accounts/TestAccountType1Authenticator.java"
},
"id": "ASB-A-265015796-989fe79a"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"143566305696549729250864797577073939561",
"237911787562081032811532570904034081774",
"89237235422803990013979387293218386727",
"258778326798078190204209901010877057539",
"145003715184701734149269194664031412738",
"103634752343492226123316120153807405817",
"283472481419056861986397542446129973637",
"240358671385401931374510550252436498065"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/64f6c1e13588af3cf4d88a39d9d540c140982043",
"target": {
"file": "services/tests/servicestests/src/com/android/server/accounts/AccountManagerServiceTestFixtures.java"
},
"id": "ASB-A-265015796-ddb6359d"
}
],
"severity": "High"
}