ASB-A-271851153
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-271851153.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-271851153
- Aliases
-
- A-271851153
- CVE-2023-21285
- Published
- 2023-08-01T00:00:00Z
- Modified
- 2026-04-27T15:40:08.012512Z
- Summary
- [none]
- Details
-
In setMetadata of MediaSessionRecord.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/f2142c8067a71560fa40b87c582ceea6228a723d"
],
"severity": "High",
"types": [
"ID"
],
"vanir_signatures": [
{
"id": "ASB-A-271851153-41b716ff",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "MediaSessionRecord"
},
"digest": {
"function_hash": "24774534586553790363352923633023261866",
"length": 912.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f2142c8067a71560fa40b87c582ceea6228a723d",
"deprecated": false
},
{
"id": "ASB-A-271851153-81223b9e",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "setMetadata"
},
"digest": {
"function_hash": "103400571377888950412772982225656486389",
"length": 370.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f2142c8067a71560fa40b87c582ceea6228a723d",
"deprecated": false
},
{
"id": "ASB-A-271851153-cdb2072b",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"118788353495966469486812888890716631542",
"336120466067607025170696673139648716509",
"202611335804136601657122508802118536014",
"129683185035301515800774035555900214112",
"11098708689205902816189879992214658246",
"157597736016752248213318594156299798699",
"43016319493853448835693981958833016269",
"87265475123712206017992867129620060462",
"299081490920259318877727632521476767922",
"148374925796650727385779428249967735818",
"135161749878162459816307819017646668546",
"154532732720219536769453269150136500079",
"117979511076169297790614002545558763775",
"219355299421215882374711901942129989414",
"149747140338208731689258870269997687890",
"121012494729016232451427683655646025637",
"298200289347575094262899648904552585682",
"123840935212931604818249916784566765206",
"218197868472122456637773183101211040579",
"32964964762233295251048849187627362767",
"107866035148356740797267732243638789530",
"209731173057944943251888810847159461812",
"92098945887893974759868525330932299186",
"318820102731267560103760031003940638896",
"286921895757114535884683724862522328123",
"49136251089971112837700541298568844406",
"77266097254666486217265326897378613230",
"54178516831407579181215003101298533127",
"250826700866732060799766010746178270041",
"114588526983791545081435666232784061095",
"223559342123259852649070018992413409748",
"321331652130150193311337198580133176502",
"130485209652729059822780395589867437868",
"261378328701788388906080210867659757169"
]
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f2142c8067a71560fa40b87c582ceea6228a723d",
"deprecated": false
}
],
"spl": "2023-08-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/f95b7fc61d6b3bf49420ded0357bec031f8cbdcf"
],
"severity": "High",
"types": [
"ID"
],
"vanir_signatures": [
{
"id": "ASB-A-271851153-6d6885e9",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "setMetadata"
},
"digest": {
"function_hash": "103400571377888950412772982225656486389",
"length": 370.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f95b7fc61d6b3bf49420ded0357bec031f8cbdcf",
"deprecated": false
},
{
"id": "ASB-A-271851153-b7b2ebe7",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"10842717917028693918364526327914833568",
"177549062079642320147194047704110632766",
"165800735627563666482531271956335894169",
"2345543855376728000792442315142235988",
"307971806336565157533277178814836250776",
"140258472042821238951209487612915203094",
"66966700857032411844739548472985218458",
"36795562373272240829255589042793357451",
"280601448879455765800877869990222849782",
"43016319493853448835693981958833016269",
"87265475123712206017992867129620060462",
"233653901369151876016999950432223148676",
"208242874259301007852642840316255382659",
"177837693477925481534174928123200923726",
"154532732720219536769453269150136500079",
"117979511076169297790614002545558763775",
"219355299421215882374711901942129989414",
"266371345839887056834218756127440485817",
"160671619480096181649276334524367732726",
"295995200742263142922043792114423354043",
"101949880067556092114352566729365704190",
"327969965223649251967220744468632564682",
"190854323795271076949561292157405548880",
"107866035148356740797267732243638789530",
"209731173057944943251888810847159461812",
"92098945887893974759868525330932299186",
"318820102731267560103760031003940638896",
"286921895757114535884683724862522328123",
"49136251089971112837700541298568844406",
"77266097254666486217265326897378613230",
"54178516831407579181215003101298533127",
"250826700866732060799766010746178270041",
"114588526983791545081435666232784061095",
"223559342123259852649070018992413409748",
"321331652130150193311337198580133176502",
"130485209652729059822780395589867437868",
"261378328701788388906080210867659757169"
]
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f95b7fc61d6b3bf49420ded0357bec031f8cbdcf",
"deprecated": false
},
{
"id": "ASB-A-271851153-cff528e3",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "MediaSessionRecord"
},
"digest": {
"function_hash": "295242386605319794964797806577052681188",
"length": 814.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f95b7fc61d6b3bf49420ded0357bec031f8cbdcf",
"deprecated": false
}
],
"spl": "2023-08-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02"
],
"severity": "High",
"types": [
"ID"
],
"vanir_signatures": [
{
"id": "ASB-A-271851153-1ebd1371",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "setMetadata"
},
"digest": {
"function_hash": "103400571377888950412772982225656486389",
"length": 370.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
},
{
"id": "ASB-A-271851153-4952cbf3",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"112333010306060271287574479567532271789",
"173478072067900714635025148433857750736",
"26063781366599612095537924233041212811",
"334082644998293043635481032334739318235",
"91904220062129178345130522063740847558",
"180446745819319139455850870156884677676",
"339298769310645967952518957997803972437",
"812567179315126058623678304580690652",
"44274278879701415859994919349602377465",
"177837693477925481534174928123200923726",
"154532732720219536769453269150136500079",
"117979511076169297790614002545558763775",
"219355299421215882374711901942129989414",
"149747140338208731689258870269997687890",
"121012494729016232451427683655646025637",
"298200289347575094262899648904552585682",
"123840935212931604818249916784566765206",
"218197868472122456637773183101211040579",
"32964964762233295251048849187627362767",
"107866035148356740797267732243638789530",
"209731173057944943251888810847159461812",
"92098945887893974759868525330932299186",
"318820102731267560103760031003940638896",
"286921895757114535884683724862522328123",
"49136251089971112837700541298568844406",
"77266097254666486217265326897378613230",
"54178516831407579181215003101298533127",
"250826700866732060799766010746178270041",
"114588526983791545081435666232784061095",
"223559342123259852649070018992413409748",
"321331652130150193311337198580133176502",
"130485209652729059822780395589867437868",
"261378328701788388906080210867659757169"
]
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
},
{
"id": "ASB-A-271851153-766cb50f",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "MediaSessionRecord"
},
"digest": {
"function_hash": "24774534586553790363352923633023261866",
"length": 912.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
}
],
"spl": "2023-08-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02"
],
"severity": "High",
"types": [
"ID"
],
"vanir_signatures": [
{
"id": "ASB-A-271851153-195364e4",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"112333010306060271287574479567532271789",
"173478072067900714635025148433857750736",
"26063781366599612095537924233041212811",
"334082644998293043635481032334739318235",
"91904220062129178345130522063740847558",
"180446745819319139455850870156884677676",
"339298769310645967952518957997803972437",
"812567179315126058623678304580690652",
"44274278879701415859994919349602377465",
"177837693477925481534174928123200923726",
"154532732720219536769453269150136500079",
"117979511076169297790614002545558763775",
"219355299421215882374711901942129989414",
"149747140338208731689258870269997687890",
"121012494729016232451427683655646025637",
"298200289347575094262899648904552585682",
"123840935212931604818249916784566765206",
"218197868472122456637773183101211040579",
"32964964762233295251048849187627362767",
"107866035148356740797267732243638789530",
"209731173057944943251888810847159461812",
"92098945887893974759868525330932299186",
"318820102731267560103760031003940638896",
"286921895757114535884683724862522328123",
"49136251089971112837700541298568844406",
"77266097254666486217265326897378613230",
"54178516831407579181215003101298533127",
"250826700866732060799766010746178270041",
"114588526983791545081435666232784061095",
"223559342123259852649070018992413409748",
"321331652130150193311337198580133176502",
"130485209652729059822780395589867437868",
"261378328701788388906080210867659757169"
]
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
},
{
"id": "ASB-A-271851153-52cc8fa3",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "setMetadata"
},
"digest": {
"function_hash": "103400571377888950412772982225656486389",
"length": 370.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
},
{
"id": "ASB-A-271851153-71192cef",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "MediaSessionRecord"
},
"digest": {
"function_hash": "24774534586553790363352923633023261866",
"length": 912.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b8a7fd8e6f41ee54d27c1e7aaa15b4a3f5365a02",
"deprecated": false
}
],
"spl": "2023-08-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/277e7e05866a3da3c5871c071231b2b7c911d81e"
],
"severity": "High",
"types": [
"ID"
],
"vanir_signatures": [
{
"id": "ASB-A-271851153-22399f30",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "MediaSessionRecord"
},
"digest": {
"function_hash": "24774534586553790363352923633023261866",
"length": 912.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/277e7e05866a3da3c5871c071231b2b7c911d81e",
"deprecated": false
},
{
"id": "ASB-A-271851153-288cfbb8",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java",
"function": "setMetadata"
},
"digest": {
"function_hash": "103400571377888950412772982225656486389",
"length": 370.0
},
"signature_type": "Function",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/277e7e05866a3da3c5871c071231b2b7c911d81e",
"deprecated": false
},
{
"id": "ASB-A-271851153-41558f1c",
"target": {
"file": "services/core/java/com/android/server/media/MediaSessionRecord.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"206329301091285783496245527079671639037",
"196146795103047822062400128438726861772",
"26063781366599612095537924233041212811",
"129683185035301515800774035555900214112",
"91904220062129178345130522063740847558",
"180446745819319139455850870156884677676",
"339298769310645967952518957997803972437",
"271659141126652695160497016653731360265",
"44274278879701415859994919349602377465",
"177837693477925481534174928123200923726",
"154532732720219536769453269150136500079",
"117979511076169297790614002545558763775",
"219355299421215882374711901942129989414",
"149747140338208731689258870269997687890",
"121012494729016232451427683655646025637",
"298200289347575094262899648904552585682",
"123840935212931604818249916784566765206",
"218197868472122456637773183101211040579",
"32964964762233295251048849187627362767",
"107866035148356740797267732243638789530",
"209731173057944943251888810847159461812",
"92098945887893974759868525330932299186",
"318820102731267560103760031003940638896",
"286921895757114535884683724862522328123",
"49136251089971112837700541298568844406",
"77266097254666486217265326897378613230",
"54178516831407579181215003101298533127",
"250826700866732060799766010746178270041",
"114588526983791545081435666232784061095",
"223559342123259852649070018992413409748",
"321331652130150193311337198580133176502",
"130485209652729059822780395589867437868",
"261378328701788388906080210867659757169"
]
},
"signature_type": "Line",
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/frameworks/base/+/277e7e05866a3da3c5871c071231b2b7c911d81e",
"deprecated": false
}
],
"spl": "2023-08-01"
}