ASB-A-293602317
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-293602317.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-293602317
- Aliases
-
- A-293602317
- CVE-2024-0024
- Published
- 2024-05-01T00:00:00Z
- Modified
- 2026-04-24T15:37:38.793646Z
- Summary
- [none]
- Details
-
In multiple methods of UserManagerService.java, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9463191120944565777214923587569540280",
"122948831978021524892316983953446463325",
"92472102344881644431830790738066790673",
"167065115139944003153512953068553907891",
"340215464376248865824947300777503185264",
"221168945578021651559295763786183083054",
"131744847661277240634565311564085973108",
"103367733749084258736728368274322623346",
"179925580572788879788475130054462708914",
"196342960548204308401723679118648079086",
"290321685008039217998855658215928044591",
"75387723144994033401847672675012393388",
"67366564525647400157695413450827258220",
"272780187264705393032792419979498836551",
"238741401060336175638099375497740303177",
"259279927726206483199262694158630246435",
"183029252510547657779880201967699359444",
"195441015140250236884590713138112717388",
"154830493048076088366513224219833566639",
"292349649739903354519742504810837097269",
"74757550851833025026619482507635734368",
"335645142261224268762006381740052233188",
"109183959224805865307895779680093246307",
"320347336774733139136288916442402746975",
"153537896584459150438194966513331789145",
"290138044157543726570565097636556565394",
"94951731505717292874816718517677494937",
"212459908943937449820271126626157033223",
"143346065962046306861345672815340128659",
"39202483775613760801013793315159228727",
"223464662744292259328231130015590290691",
"243196525702888915879421091889262579799",
"222906682215279304745915779653792229664",
"2041196555325525214139183417421403394",
"188099220589577487798346861997025355777"
]
},
"id": "ASB-A-293602317-3607cff1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/ad66666a7345f233e31f49445d42c74bd7767264",
"deprecated": false,
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "202562576093626664732976268044019536821",
"length": 6218.0
},
"id": "ASB-A-293602317-603c018a",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/ad66666a7345f233e31f49445d42c74bd7767264",
"deprecated": false,
"target": {
"function": "createUserInternalUncheckedNoTracing",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "144548358230426864873260022106430419425",
"length": 3635.0
},
"id": "ASB-A-293602317-a9ea5d47",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/ad66666a7345f233e31f49445d42c74bd7767264",
"deprecated": false,
"target": {
"function": "writeUserLP",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "162974419970696908515454636762840654481",
"length": 527.0
},
"id": "ASB-A-293602317-bb4015b1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/ad66666a7345f233e31f49445d42c74bd7767264",
"deprecated": false,
"target": {
"function": "setSeedAccountDataNoChecks",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/ad66666a7345f233e31f49445d42c74bd7767264"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"336770520496282681441314896640216048437",
"196318341949663620568384875019858555190",
"58551288301263779771889156118854047197",
"167065115139944003153512953068553907891",
"340215464376248865824947300777503185264",
"221168945578021651559295763786183083054",
"131744847661277240634565311564085973108",
"103367733749084258736728368274322623346",
"179925580572788879788475130054462708914",
"196342960548204308401723679118648079086",
"290321685008039217998855658215928044591",
"75387723144994033401847672675012393388",
"67366564525647400157695413450827258220",
"272780187264705393032792419979498836551",
"238741401060336175638099375497740303177",
"279577176035107001512934654237869507516",
"145880162779565741837819676483228499300",
"127809519349970645360697777428549622625",
"307980875257337246381009565866838557903",
"330212089550213811688452876207213689027",
"292349649739903354519742504810837097269",
"6127841152270119643958952414669350211",
"335645142261224268762006381740052233188",
"109183959224805865307895779680093246307",
"320347336774733139136288916442402746975",
"153537896584459150438194966513331789145",
"290138044157543726570565097636556565394",
"183149366999774343672822517647013108117",
"278675113163975809037263769056095463902",
"143346065962046306861345672815340128659",
"39202483775613760801013793315159228727",
"223464662744292259328231130015590290691",
"243196525702888915879421091889262579799",
"222906682215279304745915779653792229664",
"2041196555325525214139183417421403394",
"188099220589577487798346861997025355777"
]
},
"id": "ASB-A-293602317-3e8fc968",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/46caac641941f2e8865a8d53400f959b3bd98d88",
"deprecated": false,
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "17478972632755109935792096038178691063",
"length": 565.0
},
"id": "ASB-A-293602317-eecf54bd",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/46caac641941f2e8865a8d53400f959b3bd98d88",
"deprecated": false,
"target": {
"function": "setSeedAccountData",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "14431357685230850289420472586775119205",
"length": 3298.0
},
"id": "ASB-A-293602317-f1299a83",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/46caac641941f2e8865a8d53400f959b3bd98d88",
"deprecated": false,
"target": {
"function": "writeUserLP",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "272657188131738071713369073931175915923",
"length": 5792.0
},
"id": "ASB-A-293602317-f4915321",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/46caac641941f2e8865a8d53400f959b3bd98d88",
"deprecated": false,
"target": {
"function": "createUserInternalUncheckedNoTracing",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/46caac641941f2e8865a8d53400f959b3bd98d88"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "17478972632755109935792096038178691063",
"length": 565.0
},
"id": "ASB-A-293602317-05556f3a",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "setSeedAccountData",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "14431357685230850289420472586775119205",
"length": 3298.0
},
"id": "ASB-A-293602317-13d2e283",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "writeUserLP",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "272657188131738071713369073931175915923",
"length": 5792.0
},
"id": "ASB-A-293602317-2050492b",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "createUserInternalUncheckedNoTracing",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"336770520496282681441314896640216048437",
"196318341949663620568384875019858555190",
"58551288301263779771889156118854047197",
"167065115139944003153512953068553907891",
"340215464376248865824947300777503185264",
"221168945578021651559295763786183083054",
"131744847661277240634565311564085973108",
"103367733749084258736728368274322623346",
"179925580572788879788475130054462708914",
"196342960548204308401723679118648079086",
"290321685008039217998855658215928044591",
"75387723144994033401847672675012393388",
"67366564525647400157695413450827258220",
"272780187264705393032792419979498836551",
"238741401060336175638099375497740303177",
"279577176035107001512934654237869507516",
"145880162779565741837819676483228499300",
"127809519349970645360697777428549622625",
"307980875257337246381009565866838557903",
"330212089550213811688452876207213689027",
"292349649739903354519742504810837097269",
"6127841152270119643958952414669350211",
"335645142261224268762006381740052233188",
"109183959224805865307895779680093246307",
"320347336774733139136288916442402746975",
"153537896584459150438194966513331789145",
"290138044157543726570565097636556565394",
"183149366999774343672822517647013108117",
"278675113163975809037263769056095463902",
"143346065962046306861345672815340128659",
"39202483775613760801013793315159228727",
"223464662744292259328231130015590290691",
"243196525702888915879421091889262579799",
"222906682215279304745915779653792229664",
"2041196555325525214139183417421403394",
"188099220589577487798346861997025355777"
]
},
"id": "ASB-A-293602317-a1d3211d",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "17478972632755109935792096038178691063",
"length": 565.0
},
"id": "ASB-A-293602317-2418bb06",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "setSeedAccountData",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"336770520496282681441314896640216048437",
"196318341949663620568384875019858555190",
"58551288301263779771889156118854047197",
"167065115139944003153512953068553907891",
"340215464376248865824947300777503185264",
"221168945578021651559295763786183083054",
"131744847661277240634565311564085973108",
"103367733749084258736728368274322623346",
"179925580572788879788475130054462708914",
"196342960548204308401723679118648079086",
"290321685008039217998855658215928044591",
"75387723144994033401847672675012393388",
"67366564525647400157695413450827258220",
"272780187264705393032792419979498836551",
"238741401060336175638099375497740303177",
"279577176035107001512934654237869507516",
"145880162779565741837819676483228499300",
"127809519349970645360697777428549622625",
"307980875257337246381009565866838557903",
"330212089550213811688452876207213689027",
"292349649739903354519742504810837097269",
"6127841152270119643958952414669350211",
"335645142261224268762006381740052233188",
"109183959224805865307895779680093246307",
"320347336774733139136288916442402746975",
"153537896584459150438194966513331789145",
"290138044157543726570565097636556565394",
"183149366999774343672822517647013108117",
"278675113163975809037263769056095463902",
"143346065962046306861345672815340128659",
"39202483775613760801013793315159228727",
"223464662744292259328231130015590290691",
"243196525702888915879421091889262579799",
"222906682215279304745915779653792229664",
"2041196555325525214139183417421403394",
"188099220589577487798346861997025355777"
]
},
"id": "ASB-A-293602317-26d5e4b2",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "14431357685230850289420472586775119205",
"length": 3298.0
},
"id": "ASB-A-293602317-6089c84d",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "writeUserLP",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "272657188131738071713369073931175915923",
"length": 5792.0
},
"id": "ASB-A-293602317-6b276ef8",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb",
"deprecated": false,
"target": {
"function": "createUserInternalUncheckedNoTracing",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/59042a32c7e192d160c295ecb6477a09bb5da0bb"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "162974419970696908515454636762840654481",
"length": 527.0
},
"id": "ASB-A-293602317-380cc354",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1bc8e28626843225b09b2b070685f81fbadefc08",
"deprecated": false,
"target": {
"function": "setSeedAccountDataNoChecks",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"9463191120944565777214923587569540280",
"122948831978021524892316983953446463325",
"92472102344881644431830790738066790673",
"167065115139944003153512953068553907891",
"340215464376248865824947300777503185264",
"221168945578021651559295763786183083054",
"131744847661277240634565311564085973108",
"103367733749084258736728368274322623346",
"179925580572788879788475130054462708914",
"196342960548204308401723679118648079086",
"290321685008039217998855658215928044591",
"75387723144994033401847672675012393388",
"67366564525647400157695413450827258220",
"272780187264705393032792419979498836551",
"238741401060336175638099375497740303177",
"259279927726206483199262694158630246435",
"183029252510547657779880201967699359444",
"195441015140250236884590713138112717388",
"154830493048076088366513224219833566639",
"292349649739903354519742504810837097269",
"74757550851833025026619482507635734368",
"335645142261224268762006381740052233188",
"109183959224805865307895779680093246307",
"320347336774733139136288916442402746975",
"153537896584459150438194966513331789145",
"290138044157543726570565097636556565394",
"94951731505717292874816718517677494937",
"212459908943937449820271126626157033223",
"143346065962046306861345672815340128659",
"39202483775613760801013793315159228727",
"223464662744292259328231130015590290691",
"243196525702888915879421091889262579799",
"222906682215279304745915779653792229664",
"2041196555325525214139183417421403394",
"188099220589577487798346861997025355777"
]
},
"id": "ASB-A-293602317-591df365",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1bc8e28626843225b09b2b070685f81fbadefc08",
"deprecated": false,
"target": {
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "144548358230426864873260022106430419425",
"length": 3635.0
},
"id": "ASB-A-293602317-59fe4ee5",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1bc8e28626843225b09b2b070685f81fbadefc08",
"deprecated": false,
"target": {
"function": "writeUserLP",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "137805121615530708957201457640858822254",
"length": 5798.0
},
"id": "ASB-A-293602317-bb732334",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/1bc8e28626843225b09b2b070685f81fbadefc08",
"deprecated": false,
"target": {
"function": "createUserInternalUncheckedNoTracing",
"file": "services/core/java/com/android/server/pm/UserManagerService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-05-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1bc8e28626843225b09b2b070685f81fbadefc08"
],
"severity": "High"
}