In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775" ], "spl": "2024-11-01", "severity": "High", "vanir_signatures": [ { "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775", "target": { "function": "updateInternal", "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "length": 11725.0, "function_hash": "321194230133582480089621038804693341133" }, "id": "ASB-A-304280682-3ef7afcb", "signature_version": "v1" }, { "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775", "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "id": "ASB-A-304280682-65423ca5", "signature_version": "v1" } ], "types": [ "EoP" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "spl": "2024-11-01", "severity": "High", "vanir_signatures": [ { "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "id": "ASB-A-304280682-1cfc323f", "signature_version": "v1" }, { "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "function": "updateInternal", "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "length": 11619.0, "function_hash": "96223597478534150747499244719181199149" }, "id": "ASB-A-304280682-23e77d01", "signature_version": "v1" } ], "types": [ "EoP" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "spl": "2024-11-01", "severity": "High", "vanir_signatures": [ { "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "id": "ASB-A-304280682-7a364ac7", "signature_version": "v1" }, { "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "function": "updateInternal", "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "length": 11619.0, "function_hash": "96223597478534150747499244719181199149" }, "id": "ASB-A-304280682-e302c3e3", "signature_version": "v1" } ], "types": [ "EoP" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "spl": "2024-11-01", "severity": "High", "vanir_signatures": [ { "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "id": "ASB-A-304280682-d7629e4a", "signature_version": "v1" }, { "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "function": "updateInternal", "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "length": 11619.0, "function_hash": "96223597478534150747499244719181199149" }, "id": "ASB-A-304280682-deac93ad", "signature_version": "v1" } ], "types": [ "EoP" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "spl": "2024-11-01", "severity": "High", "vanir_signatures": [ { "signature_type": "Line", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "id": "ASB-A-304280682-302b566a", "signature_version": "v1" }, { "signature_type": "Function", "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "target": { "function": "updateInternal", "file": "src/com/android/providers/media/MediaProvider.java" }, "deprecated": false, "digest": { "length": 11619.0, "function_hash": "96223597478534150747499244719181199149" }, "id": "ASB-A-304280682-f9e69783", "signature_version": "v1" } ], "types": [ "EoP" ] }