ASB-A-305664128
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-305664128.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-305664128
- Aliases
-
- A-305664128
- CVE-2024-0029
- Published
- 2024-02-01T00:00:00Z
- Modified
- 2025-10-24T15:26:23.750784Z
- Summary
- [none]
- Details
-
In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"types": [
"EoP"
],
"spl": "2024-02-01",
"severity": "High",
"vanir_signatures": [
{
"id": "ASB-A-305664128-371f4a22",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 480.0,
"function_hash": "15363436855987920928326619630870033009"
},
"target": {
"function": "dump",
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"signature_type": "Function"
},
{
"id": "ASB-A-305664128-6ed10376",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 333.0,
"function_hash": "339376907382333852942907088008540104910"
},
"target": {
"function": "pushScreenCapturePolicy",
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"signature_type": "Function"
},
{
"id": "ASB-A-305664128-6ff5a63c",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"28311690895260575800574139068173669733",
"223436481240343717939018505226144610059",
"117044756458411847808923554583015557546",
"170327553144296588503669750553402211893",
"239074023376782095996231652442493595252",
"157357134711872925346767264292501648874",
"64288531529445887856734889091247507024",
"262904896340326572243977980619317740045",
"7863672791623889789622374216263810103",
"66479148815315197071660763310477081922",
"171179926486319585779595075134188622013",
"212244609484368085886263967809000816574",
"282437439868055744848446642444988363062",
"117163408136162529031747499550582586850",
"247348278467662031451697009802733871490",
"61450082948208451555208484198568392618",
"307961701221648373743783611230436840618",
"171596180186433512554982966658010716778",
"333816379399395304059482412727534554494",
"271910998854270115562758521721614816646",
"136848235534726235164153637734588685112",
"185648384567668810156920449681591878671",
"273479818998516435455800439377892536926"
],
"threshold": 0.9
},
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"signature_type": "Line"
},
{
"id": "ASB-A-305664128-b2dc8fa2",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 165.0,
"function_hash": "253859128593274454752267069625917878699"
},
"target": {
"function": "isScreenCaptureAllowed",
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"signature_type": "Function"
},
{
"id": "ASB-A-305664128-b43d3cfa",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"197398890903669696298331529144984489162",
"249824849135075639435022530049319676976",
"186035691838317418323640455882809834870",
"335187847406128745790287630133932854479",
"300588941124566463956819306070980286946",
"206425278639491027575200310195559441600",
"49228948240716844870096001840488321357",
"281488823019523067939062134321653668752",
"100717289218463032643016023557715607254",
"307980677372113633748185733433884228424",
"21580352465351504625152159357536635266",
"252284397787196646557021033389798717265",
"189078664274146664815958730442952341864",
"297894404667716767530635483998466015068",
"250825047119747186626953990351582444743",
"194006595428163490758504127772452409680",
"122109291653140385621882965723271216060",
"288887833273584830521920852443689779767"
],
"threshold": 0.9
},
"target": {
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyCacheImpl.java"
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223",
"id": "ASB-A-305664128-ba68c264",
"signature_version": "v1",
"digest": {
"length": 160.0,
"function_hash": "77740681520341269923023043360224427269"
},
"match_only_versions": [
"13"
],
"signature_type": "Function",
"target": {
"function": "setScreenCaptureDisabled",
"file": "services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/5f3db5ae9b9cf69c8a4ea73b6ed49ce9d49ba223"
]
}