ASB-A-284297452
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-284297452.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-284297452
- Aliases
-
- A-284297452
- CVE-2023-40081
- Published
- 2024-03-01T00:00:00Z
- Modified
- 2025-11-28T17:48:39.806548Z
- Summary
- [none]
- Details
-
In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/470f62bc8954e45018796f87f56b78f41dad45d6",
"https://android.googlesource.com/platform/frameworks/base/+/96ad0ecd45a36438b80a809ab4c669f5af8d9df1"
],
"types": [
"ID"
],
"severity": "High",
"vanir_signatures": [
{
"deprecated": true,
"signature_version": "v1",
"id": "ASB-A-284297452-143f8bc7",
"source": "https://android.googlesource.com/platform/frameworks/base/+/96ad0ecd45a36438b80a809ab4c669f5af8d9df1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"6861422742356935308781358437954986041",
"320938097064625856399105781385367184691",
"140563195996355726159336738084483484049",
"181332758451393043334121165483858809029",
"153560322394754509977182755712331720330",
"122562715670897109600439201331115488857",
"166673523750221533460663182719239531333",
"315507946539148082859979337014673660432",
"206733332151688434163517705028365431633",
"232975640711783965219677640021016743113",
"228484795863839999914856991184209348021",
"176642110138968974820457257637332968327",
"306964448876893060432434753667276949095",
"56714197230442957681134960935872326808"
]
},
"signature_type": "Line",
"match_only_versions": [
"14-next"
],
"target": {
"file": "core/java/android/view/inputmethod/RemoteInputConnectionImpl.java"
}
},
{
"deprecated": true,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315148219331921030566269997373448571861",
"84927060747918175780603861222671478559",
"332159229995226341690674039300130497150",
"201959732788354591480747998562276185002",
"176977018547643727165555349925919150112",
"61273032671010555112067042498848993705",
"210952737140323125617952079181036189101",
"93009082751397301251252160799821283646",
"314799369627835642921827884396392181379",
"112759502581764341096944093756514286120",
"124555838638100306386168115262917624364"
]
},
"id": "ASB-A-284297452-83cb9aab",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/96ad0ecd45a36438b80a809ab4c669f5af8d9df1",
"target": {
"file": "services/core/java/com/android/server/uri/UriGrantsManagerService.java"
}
},
{
"deprecated": true,
"signature_version": "v1",
"digest": {
"function_hash": "73032467395090789751693529465866180379",
"length": 667.0
},
"id": "ASB-A-284297452-b5c1426c",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/96ad0ecd45a36438b80a809ab4c669f5af8d9df1",
"target": {
"file": "core/java/android/view/inputmethod/RemoteInputConnectionImpl.java",
"function": "commitContent"
}
}
],
"spl": "2024-03-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/ffae193f19f902d4ae890be579cd44573feeaedc"
],
"types": [
"ID"
],
"severity": "High",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315148219331921030566269997373448571861",
"84927060747918175780603861222671478559",
"332159229995226341690674039300130497150",
"201959732788354591480747998562276185002",
"176977018547643727165555349925919150112",
"61273032671010555112067042498848993705",
"210952737140323125617952079181036189101",
"93009082751397301251252160799821283646",
"227990557030464011859896503966642626211",
"52085707954234942960123877579721840727",
"69709612454831442075279851855499445807"
]
},
"id": "ASB-A-284297452-f94e6958",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/ffae193f19f902d4ae890be579cd44573feeaedc",
"target": {
"file": "services/core/java/com/android/server/uri/UriGrantsManagerService.java"
}
}
],
"spl": "2024-03-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1f758ee33f19efce1b57270d518e444d13309731"
],
"types": [
"ID"
],
"severity": "High",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315148219331921030566269997373448571861",
"84927060747918175780603861222671478559",
"332159229995226341690674039300130497150",
"201959732788354591480747998562276185002",
"176977018547643727165555349925919150112",
"61273032671010555112067042498848993705",
"210952737140323125617952079181036189101",
"93009082751397301251252160799821283646",
"227990557030464011859896503966642626211",
"52085707954234942960123877579721840727",
"69709612454831442075279851855499445807"
]
},
"id": "ASB-A-284297452-1034f215",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1f758ee33f19efce1b57270d518e444d13309731",
"target": {
"file": "services/core/java/com/android/server/uri/UriGrantsManagerService.java"
}
}
],
"spl": "2024-03-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/a3b7a10a15aa41ad75866922d528a4dc02fc8ca3"
],
"types": [
"ID"
],
"severity": "High",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315148219331921030566269997373448571861",
"84927060747918175780603861222671478559",
"332159229995226341690674039300130497150",
"201959732788354591480747998562276185002",
"176977018547643727165555349925919150112",
"61273032671010555112067042498848993705",
"210952737140323125617952079181036189101",
"93009082751397301251252160799821283646",
"314799369627835642921827884396392181379",
"112759502581764341096944093756514286120",
"124555838638100306386168115262917624364"
]
},
"id": "ASB-A-284297452-bd663be7",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/a3b7a10a15aa41ad75866922d528a4dc02fc8ca3",
"target": {
"file": "services/core/java/com/android/server/uri/UriGrantsManagerService.java"
}
}
],
"spl": "2024-03-01"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/c8b7d562cfd8006e12ffcd621ec7811a393025f6"
],
"types": [
"ID"
],
"severity": "High",
"vanir_signatures": [
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"315148219331921030566269997373448571861",
"84927060747918175780603861222671478559",
"332159229995226341690674039300130497150",
"201959732788354591480747998562276185002",
"176977018547643727165555349925919150112",
"61273032671010555112067042498848993705",
"210952737140323125617952079181036189101",
"93009082751397301251252160799821283646",
"314799369627835642921827884396392181379",
"112759502581764341096944093756514286120",
"124555838638100306386168115262917624364"
]
},
"id": "ASB-A-284297452-24ddbd74",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c8b7d562cfd8006e12ffcd621ec7811a393025f6",
"target": {
"file": "services/core/java/com/android/server/uri/UriGrantsManagerService.java"
}
}
],
"spl": "2024-03-01"
}