ASB-A-299441833
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-299441833.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-299441833
- Aliases
-
- A-299441833
- CVE-2024-0046
- Published
- 2024-03-01T00:00:00Z
- Modified
- 2024-08-07T19:30:10.516963Z
- Summary
- [none]
- Details
-
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3934.0,
"function_hash": "138989191116497150192229991517836027203"
},
"id": "ASB-A-299441833-38709f53",
"source": "https://android.googlesource.com/platform/frameworks/base/+/496e78a1951f2ed69290f03c5625c0f8382f4d31",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223414134673961314150758707332884666599",
"297832111914664628625290241149198251561",
"200773103184735589871286713125911464428",
"328687726879581702857568231538760663042"
]
},
"id": "ASB-A-299441833-f557e68b",
"source": "https://android.googlesource.com/platform/frameworks/base/+/496e78a1951f2ed69290f03c5625c0f8382f4d31",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/496e78a1951f2ed69290f03c5625c0f8382f4d31"
],
"spl": "2024-03-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"305309295635932314604993172670275855343",
"155395927358001145444523690570857776417",
"278129988737214380373573150486364105084",
"203617683842027651818499204898684772928"
]
},
"id": "ASB-A-299441833-4b126c86",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0d0f185c0d526c1dac0a8894b2c2f2e378328d73",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 3062.0,
"function_hash": "149833891819253482617684091928861207008"
},
"id": "ASB-A-299441833-8338fbd7",
"source": "https://android.googlesource.com/platform/frameworks/base/+/0d0f185c0d526c1dac0a8894b2c2f2e378328d73",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "installExistingPackageAsUser"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/0d0f185c0d526c1dac0a8894b2c2f2e378328d73"
],
"spl": "2024-03-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3062.0,
"function_hash": "149833891819253482617684091928861207008"
},
"id": "ASB-A-299441833-4764aff6",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fbdeb248db7dee192392d82fe15482760b8af941",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "installExistingPackageAsUser"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"305309295635932314604993172670275855343",
"155395927358001145444523690570857776417",
"278129988737214380373573150486364105084",
"203617683842027651818499204898684772928"
]
},
"id": "ASB-A-299441833-bc1dc195",
"source": "https://android.googlesource.com/platform/frameworks/base/+/fbdeb248db7dee192392d82fe15482760b8af941",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/fbdeb248db7dee192392d82fe15482760b8af941"
],
"spl": "2024-03-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"296482673243063769976797443477832218939",
"205080326645713381622697273196627504899",
"24191776365121312118246009668773113657",
"328687726879581702857568231538760663042"
]
},
"id": "ASB-A-299441833-1f7b20f3",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c61ee9f45233a35da687942d5af24a5d09568a6c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 3355.0,
"function_hash": "280918193978644490386676326143105001422"
},
"id": "ASB-A-299441833-62b8e079",
"source": "https://android.googlesource.com/platform/frameworks/base/+/c61ee9f45233a35da687942d5af24a5d09568a6c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/c61ee9f45233a35da687942d5af24a5d09568a6c"
],
"spl": "2024-03-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 3762.0,
"function_hash": "138592199527733483268954287749153569731"
},
"id": "ASB-A-299441833-d5f02267",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b978fdc30bf3dc8babb60ce88be47cf5b0622e84",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"223414134673961314150758707332884666599",
"297832111914664628625290241149198251561",
"200773103184735589871286713125911464428",
"328687726879581702857568231538760663042"
]
},
"id": "ASB-A-299441833-e1da6e56",
"source": "https://android.googlesource.com/platform/frameworks/base/+/b978fdc30bf3dc8babb60ce88be47cf5b0622e84",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b978fdc30bf3dc8babb60ce88be47cf5b0622e84"
],
"spl": "2024-03-01",
"severity": "High",
"types": [
"EoP"
]
}