ASB-A-279902472

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-279902472.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-279902472
Aliases
Published
2023-10-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In onCreate of ApnEditor.java, there is a possible way for a Guest user to change the APN due to a permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android
platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14-next:0
Fixed
14-next:2023-10-01

Affected versions

Other
14-next

Ecosystem specific 

{
    "spl": "2023-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e18e7414c674a1c5bc69961c03499849b4aefd2",
            "signature_version": "v1",
            "id": "ASB-A-279902472-4f95ed50",
            "digest": {
                "length": 2063.0,
                "function_hash": "152610087046714648780611739448265895775"
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e18e7414c674a1c5bc69961c03499849b4aefd2",
            "signature_version": "v1",
            "id": "ASB-A-279902472-f1f8637b",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "100041008446260560396476630504279122632",
                    "197440316143246402731199565354473608321",
                    "70840163502051476079726514185892266905",
                    "244617952890001118372071042936428388011",
                    "253967541776609911089824468622285267085",
                    "162574523912741452380634460621824356014",
                    "45614435444533552429023121767383526343",
                    "271285628984379760273372622606079034026",
                    "220136755168173347836623543778097906037",
                    "127548030616501896579967466812780655682",
                    "226212641881934404685962328827268654771",
                    "6291049940031259618325275032442921755"
                ]
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/4e18e7414c674a1c5bc69961c03499849b4aefd2"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-279902472.json"
platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-10-01

Affected versions

Other
11

Ecosystem specific 

{
    "spl": "2023-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5c2d727b8f9198bf758a4896eda7c9e5385435ff",
            "signature_version": "v1",
            "id": "ASB-A-279902472-55827adc",
            "digest": {
                "length": 1839.0,
                "function_hash": "34987420686896681253052769836241055652"
            },
            "target": {
                "file": "src/com/android/settings/network/ApnEditor.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5c2d727b8f9198bf758a4896eda7c9e5385435ff",
            "signature_version": "v1",
            "id": "ASB-A-279902472-b84b6f97",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "100041008446260560396476630504279122632",
                    "197440316143246402731199565354473608321",
                    "70840163502051476079726514185892266905",
                    "244617952890001118372071042936428388011",
                    "38196262269454676375805172647623459301",
                    "162574523912741452380634460621824356014",
                    "45614435444533552429023121767383526343",
                    "271285628984379760273372622606079034026",
                    "257647301880991909851187323489183030391",
                    "302527794259696103092579999911948872205",
                    "249004662640481674558636069371120830480"
                ]
            },
            "target": {
                "file": "src/com/android/settings/network/ApnEditor.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/5c2d727b8f9198bf758a4896eda7c9e5385435ff"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-279902472.json"
platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-10-01

Affected versions

Other
12

Ecosystem specific 

{
    "spl": "2023-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e3b554b29674ef20946451d0b46d3213838e753d",
            "signature_version": "v1",
            "id": "ASB-A-279902472-658735d8",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "100041008446260560396476630504279122632",
                    "197440316143246402731199565354473608321",
                    "70840163502051476079726514185892266905",
                    "244617952890001118372071042936428388011",
                    "38196262269454676375805172647623459301",
                    "162574523912741452380634460621824356014",
                    "45614435444533552429023121767383526343",
                    "271285628984379760273372622606079034026",
                    "220136755168173347836623543778097906037",
                    "127548030616501896579967466812780655682",
                    "226212641881934404685962328827268654771",
                    "6291049940031259618325275032442921755"
                ]
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java"
            },
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/e3b554b29674ef20946451d0b46d3213838e753d",
            "signature_version": "v1",
            "id": "ASB-A-279902472-91ffd49a",
            "digest": {
                "length": 1839.0,
                "function_hash": "34987420686896681253052769836241055652"
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/e3b554b29674ef20946451d0b46d3213838e753d"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-279902472.json"
platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-10-01

Affected versions

Other
12L

Ecosystem specific 

{
    "spl": "2023-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/6afcad76262ff87e0dd7c6d0394e00fcff0c1c6b",
            "signature_version": "v1",
            "id": "ASB-A-279902472-a8b1b21d",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "100041008446260560396476630504279122632",
                    "197440316143246402731199565354473608321",
                    "70840163502051476079726514185892266905",
                    "244617952890001118372071042936428388011",
                    "38196262269454676375805172647623459301",
                    "162574523912741452380634460621824356014",
                    "45614435444533552429023121767383526343",
                    "271285628984379760273372622606079034026",
                    "220136755168173347836623543778097906037",
                    "127548030616501896579967466812780655682",
                    "226212641881934404685962328827268654771",
                    "6291049940031259618325275032442921755"
                ]
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java"
            },
            "signature_type": "Line"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/6afcad76262ff87e0dd7c6d0394e00fcff0c1c6b",
            "signature_version": "v1",
            "id": "ASB-A-279902472-b994e9f2",
            "digest": {
                "length": 1839.0,
                "function_hash": "34987420686896681253052769836241055652"
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/6afcad76262ff87e0dd7c6d0394e00fcff0c1c6b"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-279902472.json"
platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-10-01

Affected versions

Other
13

Ecosystem specific 

{
    "spl": "2023-10-01",
    "severity": "High",
    "types": [
        "EoP"
    ],
    "vanir_signatures": [
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ef2fd5b7cd74426568e8e82fb0dcddbfdaa943bf",
            "signature_version": "v1",
            "id": "ASB-A-279902472-0de5b231",
            "digest": {
                "length": 2050.0,
                "function_hash": "120011954125153054742972270375951367173"
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ef2fd5b7cd74426568e8e82fb0dcddbfdaa943bf",
            "signature_version": "v1",
            "id": "ASB-A-279902472-2e292ee8",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "100041008446260560396476630504279122632",
                    "197440316143246402731199565354473608321",
                    "70840163502051476079726514185892266905",
                    "244617952890001118372071042936428388011",
                    "253967541776609911089824468622285267085",
                    "162574523912741452380634460621824356014",
                    "45614435444533552429023121767383526343",
                    "271285628984379760273372622606079034026",
                    "220136755168173347836623543778097906037",
                    "127548030616501896579967466812780655682",
                    "226212641881934404685962328827268654771",
                    "6291049940031259618325275032442921755"
                ]
            },
            "target": {
                "file": "src/com/android/settings/network/apn/ApnEditor.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ef2fd5b7cd74426568e8e82fb0dcddbfdaa943bf"
    ]
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-279902472.json"