ASB-A-283006437
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-283006437.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-283006437
- Aliases
-
- A-283006437
- CVE-2023-21270
- Published
- 2023-08-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way for an app to keep permissions that should be revoked due to incorrect permission flags cleared during an update. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 8812.0,
"function_hash": "142246288412129094408514203199238561948"
},
"id": "ASB-A-283006437-b41927e2",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/75d59e2c837fe80573d005d614b5605f049d670b",
"target": {
"function": "restorePermissionState",
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"241855179621913930701588804709780155522",
"275479356698363652495977846336318607251",
"255741566803734956684115847599940359502",
"329511216806155411583397618051815937323",
"230890054020277999966381857942827090781",
"30743053879712092806019355833439531329",
"164061260477018033836468278206461597782",
"186425670345635799098268351722874335822",
"276325974263410010527862255220314547069",
"218520723691657242980782739382052017414",
"155526587664885433202374294265209902170",
"204856196167746811870896199949595693266",
"295885706405182841829403271221225263171",
"145729099851963986731834857453604949671",
"292148157103032482322089350809150613971",
"167382233552830894443080007920035353773",
"314429486213177128614653224747932411797",
"276325974263410010527862255220314547069",
"118032391002288377293566182663078948299",
"314595102839975675297811354990239556759",
"120323400186829302355158193795315749404",
"163986750517143368853988482277776772815",
"197201103724724939510754681281531348217",
"194974524402462089005617861962819942918",
"92828404067021723650658033648695093647",
"166946909467751980189952350180328577663",
"15866680198536122678978656592794424777",
"176595566564772642823644730206600131131",
"178686642698283105794922610506754798137",
"234428186770411006908902272106075667589",
"75963442116464278584509164306047510920",
"74776902845116693701746993520768117870",
"12555057430024890003862183139881997738",
"107490859850623254815892131356663147820",
"194923508558333860654626642113920483145",
"25435482031621032640164583620808387257",
"286001486748147234981313512722507028679",
"20353192589936882140155114595647809471",
"249850546937422752978060123149387108317",
"259493669906692371733530881195881315277",
"331702832483086198673641645128446701892",
"112187493214145262221793608858508324924",
"73191787758393067461880425633411347621",
"67881705992814538402892150868489171754"
]
},
"id": "ASB-A-283006437-df1c9da6",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/75d59e2c837fe80573d005d614b5605f049d670b",
"target": {
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/75d59e2c837fe80573d005d614b5605f049d670b"
],
"types": [
"EoP"
],
"spl": "2023-08-01",
"severity": "High"
}platform/packages/apps/Launcher3
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 8212.0,
"function_hash": "245572871958414356327954138591672841843"
},
"id": "ASB-A-283006437-1ee35752",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f",
"target": {
"function": "restorePermissionState",
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerService.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"241855179621913930701588804709780155522",
"275479356698363652495977846336318607251",
"255741566803734956684115847599940359502",
"329511216806155411583397618051815937323",
"230890054020277999966381857942827090781",
"30743053879712092806019355833439531329",
"164061260477018033836468278206461597782",
"186425670345635799098268351722874335822",
"276325974263410010527862255220314547069",
"218520723691657242980782739382052017414",
"155526587664885433202374294265209902170",
"204856196167746811870896199949595693266",
"295885706405182841829403271221225263171",
"145729099851963986731834857453604949671",
"292148157103032482322089350809150613971",
"167382233552830894443080007920035353773",
"314429486213177128614653224747932411797",
"276325974263410010527862255220314547069",
"118032391002288377293566182663078948299",
"314595102839975675297811354990239556759",
"163722187449539808166127513629106944859",
"146762435681937213432946232827403882886",
"37911553657853436485296153724958281419",
"108645160186932075327622118651056146738",
"92828404067021723650658033648695093647",
"166946909467751980189952350180328577663",
"15866680198536122678978656592794424777",
"176595566564772642823644730206600131131",
"178686642698283105794922610506754798137",
"234428186770411006908902272106075667589",
"75963442116464278584509164306047510920",
"74776902845116693701746993520768117870",
"12555057430024890003862183139881997738",
"107490859850623254815892131356663147820",
"194923508558333860654626642113920483145",
"25435482031621032640164583620808387257",
"286001486748147234981313512722507028679",
"20353192589936882140155114595647809471",
"249850546937422752978060123149387108317",
"160578629446369328838463630213056123111",
"55800704381838252904979346999253933746",
"250265219113820724228197185886707073118",
"19782484586458661874039702862718242670",
"25424149211409059614636043450427951459"
]
},
"id": "ASB-A-283006437-444d16b0",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f",
"target": {
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f"
],
"types": [
"EoP"
],
"spl": "2023-08-01",
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"241855179621913930701588804709780155522",
"275479356698363652495977846336318607251",
"255741566803734956684115847599940359502",
"329511216806155411583397618051815937323",
"230890054020277999966381857942827090781",
"30743053879712092806019355833439531329",
"164061260477018033836468278206461597782",
"186425670345635799098268351722874335822",
"276325974263410010527862255220314547069",
"218520723691657242980782739382052017414",
"155526587664885433202374294265209902170",
"204856196167746811870896199949595693266",
"295885706405182841829403271221225263171",
"145729099851963986731834857453604949671",
"292148157103032482322089350809150613971",
"167382233552830894443080007920035353773",
"314429486213177128614653224747932411797",
"276325974263410010527862255220314547069",
"118032391002288377293566182663078948299",
"314595102839975675297811354990239556759",
"163722187449539808166127513629106944859",
"146762435681937213432946232827403882886",
"37911553657853436485296153724958281419",
"108645160186932075327622118651056146738",
"92828404067021723650658033648695093647",
"166946909467751980189952350180328577663",
"15866680198536122678978656592794424777",
"176595566564772642823644730206600131131",
"178686642698283105794922610506754798137",
"234428186770411006908902272106075667589",
"75963442116464278584509164306047510920",
"74776902845116693701746993520768117870",
"12555057430024890003862183139881997738",
"107490859850623254815892131356663147820",
"194923508558333860654626642113920483145",
"25435482031621032640164583620808387257",
"286001486748147234981313512722507028679",
"20353192589936882140155114595647809471",
"249850546937422752978060123149387108317",
"160578629446369328838463630213056123111",
"55800704381838252904979346999253933746",
"250265219113820724228197185886707073118",
"19782484586458661874039702862718242670",
"25424149211409059614636043450427951459"
]
},
"id": "ASB-A-283006437-2df8e8a0",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f",
"target": {
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerService.java"
}
},
{
"digest": {
"length": 8212.0,
"function_hash": "245572871958414356327954138591672841843"
},
"id": "ASB-A-283006437-a3f25229",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f",
"target": {
"function": "restorePermissionState",
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/0e1ebd84e27f5d4fa8bc6577705293251bcbac4f"
],
"types": [
"EoP"
],
"spl": "2023-08-01",
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 8661.0,
"function_hash": "145104657252555869640414577518760746497"
},
"id": "ASB-A-283006437-11162f0b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/4ebd48959ce962b87c3468724ee4d7390714e3f3",
"target": {
"function": "restorePermissionState",
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"241855179621913930701588804709780155522",
"275479356698363652495977846336318607251",
"255741566803734956684115847599940359502",
"329511216806155411583397618051815937323",
"230890054020277999966381857942827090781",
"30743053879712092806019355833439531329",
"164061260477018033836468278206461597782",
"186425670345635799098268351722874335822",
"276325974263410010527862255220314547069",
"218520723691657242980782739382052017414",
"155526587664885433202374294265209902170",
"204856196167746811870896199949595693266",
"295885706405182841829403271221225263171",
"145729099851963986731834857453604949671",
"292148157103032482322089350809150613971",
"167382233552830894443080007920035353773",
"314429486213177128614653224747932411797",
"276325974263410010527862255220314547069",
"118032391002288377293566182663078948299",
"314595102839975675297811354990239556759",
"163722187449539808166127513629106944859",
"146762435681937213432946232827403882886",
"37911553657853436485296153724958281419",
"108645160186932075327622118651056146738",
"92828404067021723650658033648695093647",
"166946909467751980189952350180328577663",
"15866680198536122678978656592794424777",
"176595566564772642823644730206600131131",
"178686642698283105794922610506754798137",
"234428186770411006908902272106075667589",
"75963442116464278584509164306047510920",
"74776902845116693701746993520768117870",
"12555057430024890003862183139881997738",
"107490859850623254815892131356663147820",
"194923508558333860654626642113920483145",
"25435482031621032640164583620808387257",
"286001486748147234981313512722507028679",
"20353192589936882140155114595647809471",
"249850546937422752978060123149387108317",
"160578629446369328838463630213056123111",
"55800704381838252904979346999253933746",
"250265219113820724228197185886707073118",
"19782484586458661874039702862718242670",
"25424149211409059614636043450427951459"
]
},
"id": "ASB-A-283006437-437192db",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/4ebd48959ce962b87c3468724ee4d7390714e3f3",
"target": {
"file": "services/core/java/com/android/server/pm/permission/PermissionManagerServiceImpl.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/4ebd48959ce962b87c3468724ee4d7390714e3f3"
],
"types": [
"EoP"
],
"spl": "2023-08-01",
"severity": "High"
}