In updateInternal of MediaProvider.java , there is a possible access of another app's files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775" ], "severity": "High", "types": [ "EoP" ], "spl": "2024-11-01", "vanir_signatures": [ { "target": { "file": "src/com/android/providers/media/MediaProvider.java", "function": "updateInternal" }, "id": "ASB-A-304280682-3ef7afcb", "deprecated": false, "digest": { "function_hash": "321194230133582480089621038804693341133", "length": 11725.0 }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775", "signature_type": "Function", "signature_version": "v1" }, { "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "id": "ASB-A-304280682-65423ca5", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3f12cfbd7f7d76e9908ebe9285f6d0c8bc1e7775", "signature_type": "Line", "signature_version": "v1" } ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "severity": "High", "types": [ "EoP" ], "spl": "2024-11-01", "vanir_signatures": [ { "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "id": "ASB-A-304280682-1cfc323f", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "src/com/android/providers/media/MediaProvider.java", "function": "updateInternal" }, "id": "ASB-A-304280682-23e77d01", "deprecated": false, "digest": { "function_hash": "96223597478534150747499244719181199149", "length": 11619.0 }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Function", "signature_version": "v1" } ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "severity": "High", "types": [ "EoP" ], "spl": "2024-11-01", "vanir_signatures": [ { "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "id": "ASB-A-304280682-7a364ac7", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "src/com/android/providers/media/MediaProvider.java", "function": "updateInternal" }, "id": "ASB-A-304280682-e302c3e3", "deprecated": false, "digest": { "function_hash": "96223597478534150747499244719181199149", "length": 11619.0 }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Function", "signature_version": "v1" } ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "severity": "High", "types": [ "EoP" ], "spl": "2024-11-01", "vanir_signatures": [ { "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "id": "ASB-A-304280682-d7629e4a", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "src/com/android/providers/media/MediaProvider.java", "function": "updateInternal" }, "id": "ASB-A-304280682-deac93ad", "deprecated": false, "digest": { "function_hash": "96223597478534150747499244719181199149", "length": 11619.0 }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Function", "signature_version": "v1" } ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534" ], "severity": "High", "types": [ "EoP" ], "spl": "2024-11-01", "vanir_signatures": [ { "target": { "file": "src/com/android/providers/media/MediaProvider.java" }, "id": "ASB-A-304280682-302b566a", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "276225167112100087265125330256831204007", "320163482423534612010675777114789837722", "86102312791780717883442502186039514936", "248811002472384000922184042276885804213" ] }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "src/com/android/providers/media/MediaProvider.java", "function": "updateInternal" }, "id": "ASB-A-304280682-f9e69783", "deprecated": false, "digest": { "function_hash": "96223597478534150747499244719181199149", "length": 11619.0 }, "source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/3cdbf52099088ea1b8c1b4a38f57b7b240446534", "signature_type": "Function", "signature_version": "v1" } ] }