ASB-A-300090204
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-300090204.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-300090204
- Aliases
-
- A-300090204
- CVE-2024-0015
- Published
- 2024-01-01T00:00:00Z
- Modified
- 2026-04-24T15:37:38.793646Z
- Summary
- [none]
- Details
-
In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"142275142473583811656257925932801215932",
"80607861949381175184438557088515049005",
"28754939496718491312327854094553077963",
"161741354498231441500213550542794601380",
"31810291832700185900069539269853300952",
"76201736618210912462135528215241407154",
"13572015017283725455848689928188277669",
"123200632612740350257613156920026447093",
"99189086500324707981847462972527388857",
"238865122492803814029196695279813184174",
"135188360535559844316574743883758800389",
"28496705184192827839311415886852564114",
"130169205191785451277261575911863144490",
"12884332751236020770911350680320607449",
"27175867381462649513143951036261802049",
"85940367650815511313909572387718700761",
"330677813483266743538214358220343613206",
"123797315748070501987140919842285346625",
"56771758489640633155088313326080049367"
]
},
"id": "ASB-A-300090204-16f5859a",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70",
"deprecated": false,
"target": {
"file": "core/java/android/service/dreams/DreamService.java"
},
"signature_version": "v1"
},
{
"id": "ASB-A-300090204-b8a29ebb",
"signature_type": "Function",
"match_only_versions": [
"14-next"
],
"signature_version": "v1",
"target": {
"function": "getDreamMetadata",
"file": "core/java/android/service/dreams/DreamService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70",
"digest": {
"function_hash": "42220059353017145088428329988357325663",
"length": 572.0
},
"deprecated": false
},
{
"digest": {
"function_hash": "95995390880890190389146015024656609599",
"length": 212.0
},
"id": "ASB-A-300090204-edef98e7",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70",
"deprecated": false,
"target": {
"function": "convertToComponentName",
"file": "core/java/android/service/dreams/DreamService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-01-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2ce1b7fd37273ea19fbbb6daeeaa6212357b9a70"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "96258658890430209807344348180496553242",
"length": 1446.0
},
"id": "ASB-A-300090204-483aa553",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"function": "getSettingsComponentName",
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"234723719755661055601629732360349019693",
"138731044910258141424481377194987602346",
"91263052745282201238370258976369237336",
"255658402388288149290082503730355880643"
]
},
"id": "ASB-A-300090204-f5c4428d",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-01-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"234723719755661055601629732360349019693",
"138731044910258141424481377194987602346",
"91263052745282201238370258976369237336",
"255658402388288149290082503730355880643"
]
},
"id": "ASB-A-300090204-816d1262",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "96258658890430209807344348180496553242",
"length": 1446.0
},
"id": "ASB-A-300090204-d28c02c4",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"function": "getSettingsComponentName",
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-01-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"234723719755661055601629732360349019693",
"138731044910258141424481377194987602346",
"91263052745282201238370258976369237336",
"255658402388288149290082503730355880643"
]
},
"id": "ASB-A-300090204-60971f8d",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
},
{
"digest": {
"function_hash": "96258658890430209807344348180496553242",
"length": 1446.0
},
"id": "ASB-A-300090204-c94e54e6",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14",
"deprecated": false,
"target": {
"function": "getSettingsComponentName",
"file": "packages/SettingsLib/src/com/android/settingslib/dream/DreamBackend.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-01-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/6926fd15fb16c51468dde270bd61ee68772b8c14"
],
"severity": "High"
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"function_hash": "95995390880890190389146015024656609599",
"length": 212.0
},
"id": "ASB-A-300090204-10c7fd51",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/frameworks/base/+/bf8ff047eb25960720a688cb16aa44b3775799da",
"deprecated": false,
"target": {
"function": "convertToComponentName",
"file": "core/java/android/service/dreams/DreamService.java"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"130169205191785451277261575911863144490",
"12884332751236020770911350680320607449",
"27175867381462649513143951036261802049",
"85940367650815511313909572387718700761"
]
},
"id": "ASB-A-300090204-d046b762",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/frameworks/base/+/bf8ff047eb25960720a688cb16aa44b3775799da",
"deprecated": false,
"target": {
"file": "core/java/android/service/dreams/DreamService.java"
},
"signature_version": "v1"
}
],
"types": [
"EoP"
],
"spl": "2024-01-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/bf8ff047eb25960720a688cb16aa44b3775799da"
],
"severity": "High"
}