ASB-A-276294099

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-276294099.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-276294099
Aliases
Published
2023-08-01T00:00:00Z
Modified
2026-04-27T15:40:08.012512Z
Summary
[none]
Details

In visitUris of Notification.java, there is a possible way to reveal images across users due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-08-01

Affected versions

Other
13-next

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "324233427981781607540306433621735949661",
                    "264942182053378596134081566774471213955",
                    "247322044271246743110306386928965046179",
                    "50405876539861166732624558246520248555"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/13bfb2282f1aa51f2cc3feab865dd95fe2099740",
            "id": "ASB-A-276294099-8675f3e5",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "length": 2848.0,
                "function_hash": "102290230980165670159391216524883580302"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/13bfb2282f1aa51f2cc3feab865dd95fe2099740",
            "id": "ASB-A-276294099-93acf9dd",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/13bfb2282f1aa51f2cc3feab865dd95fe2099740"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-276294099.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-08-01

Affected versions

Other
11

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "length": 2375.0,
                "function_hash": "111248229135962808590699590406878258901"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9663d493142b59c65311bc09d48427d3bdde0222",
            "id": "ASB-A-276294099-4bd76cb2",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "324233427981781607540306433621735949661",
                    "264942182053378596134081566774471213955",
                    "247322044271246743110306386928965046179",
                    "50405876539861166732624558246520248555"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/9663d493142b59c65311bc09d48427d3bdde0222",
            "id": "ASB-A-276294099-f0b9d2ff",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/9663d493142b59c65311bc09d48427d3bdde0222"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-276294099.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-08-01

Affected versions

Other
12

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "length": 2698.0,
                "function_hash": "143390102946370275124655086785671619060"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-8529d90c",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "324233427981781607540306433621735949661",
                    "264942182053378596134081566774471213955",
                    "247322044271246743110306386928965046179",
                    "50405876539861166732624558246520248555"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-fe18d1d4",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-276294099.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-08-01

Affected versions

Other
12L

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "324233427981781607540306433621735949661",
                    "264942182053378596134081566774471213955",
                    "247322044271246743110306386928965046179",
                    "50405876539861166732624558246520248555"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-30613b06",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "length": 2698.0,
                "function_hash": "143390102946370275124655086785671619060"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-7e152e04",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-276294099.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-08-01

Affected versions

Other
13

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "deprecated": false,
            "digest": {
                "length": 2698.0,
                "function_hash": "143390102946370275124655086785671619060"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-3be54603",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "324233427981781607540306433621735949661",
                    "264942182053378596134081566774471213955",
                    "247322044271246743110306386928965046179",
                    "50405876539861166732624558246520248555"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53",
            "id": "ASB-A-276294099-d293a69b",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/67cd169d073486c7c047b80ab83843cdee69bf53"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-276294099.json"