ASB-A-308138085
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-308138085.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-308138085
- Aliases
-
- A-308138085
- CVE-2024-40661
- Published
- 2024-11-01T00:00:00Z
- Modified
- 2024-11-06T16:12:12.297266Z
- Summary
- [none]
- Details
-
In mayAdminGrantPermission of AdminRestrictedPermissionsUtils.java, there is a possible way to access the microphone due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"5977610278533112799394108797237227875",
"181066152385082617581071416066582320893",
"97249959646184958666342524136222994825",
"188003068610495928035701251781502116256",
"176490934733286443834973719250826472996",
"258530133400399656180304593983234643592",
"201346097777370587976180677698329970310",
"172063886974261074792075202845972416903",
"63187281755398356778378086911936239253",
"105015978386674386640843188140430786953",
"182548609187235165250868451508823467315",
"147138771630143450657336996674882770671"
]
},
"id": "ASB-A-308138085-35cc438e",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/682c92ee1e47918993a860ddb1ce02277f6f5a8a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/v31/AdminRestrictedPermissionsUtils.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 324.0,
"function_hash": "108895051496735661778370560613525097993"
},
"id": "ASB-A-308138085-5ec656b7",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/682c92ee1e47918993a860ddb1ce02277f6f5a8a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/v31/AdminRestrictedPermissionsUtils.java",
"function": "mayAdminGrantPermission"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"235758072495823610032550908306959227547",
"126775809132709055840787600879050217565",
"241637759348343480256067777365735448834",
"280508384916547576901269567438385634686"
]
},
"id": "ASB-A-308138085-c2335cf1",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/682c92ee1e47918993a860ddb1ce02277f6f5a8a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2014.0,
"function_hash": "212168720911549275414979624154360876251"
},
"id": "ASB-A-308138085-c71c0ec3",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/682c92ee1e47918993a860ddb1ce02277f6f5a8a",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java",
"function": "onSetRuntimePermissionGrantStateByDeviceAdmin"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/682c92ee1e47918993a860ddb1ce02277f6f5a8a",
"https://android.googlesource.com/platform/packages/modules/Permission/+/7d68f8c357dda295f9adcf9d3d49438b46d72727"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"5977610278533112799394108797237227875",
"181066152385082617581071416066582320893",
"97249959646184958666342524136222994825",
"188003068610495928035701251781502116256",
"176490934733286443834973719250826472996",
"274956509606673407988337690483181355164",
"93403434017906500815022071656012337428",
"120339883156921414678146450036402509914",
"307709675523178807374683846964196361020",
"180976825026770325236964379717407338615",
"182548609187235165250868451508823467315",
"147138771630143450657336996674882770671"
]
},
"id": "ASB-A-308138085-420c9489",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/1402927967512743990abea50482e54708446589",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"250278357060064796101495713172652407160",
"230289112673800829523769362281675260294",
"113492446165658148277943241753942762290",
"16459791351330223224549739424635806908"
]
},
"id": "ASB-A-308138085-7a84d440",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/1402927967512743990abea50482e54708446589",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1663.0,
"function_hash": "231131518583073194055839929721980090487"
},
"id": "ASB-A-308138085-7e77240d",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/1402927967512743990abea50482e54708446589",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java",
"function": "onSetRuntimePermissionGrantStateByDeviceAdmin"
},
"signature_type": "Function"
},
{
"digest": {
"length": 314.0,
"function_hash": "297088448659959418058363703061105402067"
},
"id": "ASB-A-308138085-bc194f9e",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/1402927967512743990abea50482e54708446589",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java",
"function": "mayAdminGrantPermission"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/1402927967512743990abea50482e54708446589"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1663.0,
"function_hash": "231131518583073194055839929721980090487"
},
"id": "ASB-A-308138085-5ef9893b",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/2beda333ef5a4a3685e30bfdce7d8c6ae6487c1f",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java",
"function": "onSetRuntimePermissionGrantStateByDeviceAdmin"
},
"signature_type": "Function"
},
{
"digest": {
"length": 314.0,
"function_hash": "297088448659959418058363703061105402067"
},
"id": "ASB-A-308138085-bf37c85e",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/2beda333ef5a4a3685e30bfdce7d8c6ae6487c1f",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java",
"function": "mayAdminGrantPermission"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"5977610278533112799394108797237227875",
"181066152385082617581071416066582320893",
"97249959646184958666342524136222994825",
"188003068610495928035701251781502116256",
"176490934733286443834973719250826472996",
"274956509606673407988337690483181355164",
"93403434017906500815022071656012337428",
"120339883156921414678146450036402509914",
"307709675523178807374683846964196361020",
"180976825026770325236964379717407338615",
"182548609187235165250868451508823467315",
"147138771630143450657336996674882770671"
]
},
"id": "ASB-A-308138085-c52dd18c",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/2beda333ef5a4a3685e30bfdce7d8c6ae6487c1f",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java"
},
"signature_type": "Line"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"250278357060064796101495713172652407160",
"230289112673800829523769362281675260294",
"113492446165658148277943241753942762290",
"16459791351330223224549739424635806908"
]
},
"id": "ASB-A-308138085-f4d5da66",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/2beda333ef5a4a3685e30bfdce7d8c6ae6487c1f",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/2beda333ef5a4a3685e30bfdce7d8c6ae6487c1f"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1663.0,
"function_hash": "231131518583073194055839929721980090487"
},
"id": "ASB-A-308138085-4c740421",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/cee0dab747af4563998f6225f120db4f318843f1",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java",
"function": "onSetRuntimePermissionGrantStateByDeviceAdmin"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"250278357060064796101495713172652407160",
"230289112673800829523769362281675260294",
"113492446165658148277943241753942762290",
"16459791351330223224549739424635806908"
]
},
"id": "ASB-A-308138085-60a92c01",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/cee0dab747af4563998f6225f120db4f318843f1",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 314.0,
"function_hash": "297088448659959418058363703061105402067"
},
"id": "ASB-A-308138085-7dc34130",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/cee0dab747af4563998f6225f120db4f318843f1",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java",
"function": "mayAdminGrantPermission"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"5977610278533112799394108797237227875",
"181066152385082617581071416066582320893",
"97249959646184958666342524136222994825",
"188003068610495928035701251781502116256",
"176490934733286443834973719250826472996",
"274956509606673407988337690483181355164",
"93403434017906500815022071656012337428",
"120339883156921414678146450036402509914",
"307709675523178807374683846964196361020",
"180976825026770325236964379717407338615",
"182548609187235165250868451508823467315",
"147138771630143450657336996674882770671"
]
},
"id": "ASB-A-308138085-df6069ff",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/cee0dab747af4563998f6225f120db4f318843f1",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/AdminRestrictedPermissionsUtils.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/cee0dab747af4563998f6225f120db4f318843f1"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/packages/modules/Permission
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"5977610278533112799394108797237227875",
"181066152385082617581071416066582320893",
"97249959646184958666342524136222994825",
"188003068610495928035701251781502116256",
"176490934733286443834973719250826472996",
"258530133400399656180304593983234643592",
"201346097777370587976180677698329970310",
"172063886974261074792075202845972416903",
"63187281755398356778378086911936239253",
"105015978386674386640843188140430786953",
"182548609187235165250868451508823467315",
"147138771630143450657336996674882770671"
]
},
"id": "ASB-A-308138085-28573adb",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/4857b928217abcbed4c24a180b6285a23174e565",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/v31/AdminRestrictedPermissionsUtils.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 324.0,
"function_hash": "108895051496735661778370560613525097993"
},
"id": "ASB-A-308138085-307968da",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/4857b928217abcbed4c24a180b6285a23174e565",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/utils/v31/AdminRestrictedPermissionsUtils.java",
"function": "mayAdminGrantPermission"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"235758072495823610032550908306959227547",
"126775809132709055840787600879050217565",
"241637759348343480256067777365735448834",
"280508384916547576901269567438385634686"
]
},
"id": "ASB-A-308138085-63ad00e8",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/4857b928217abcbed4c24a180b6285a23174e565",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 1710.0,
"function_hash": "190184821802661765368295455242639825038"
},
"id": "ASB-A-308138085-8f123e05",
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/4857b928217abcbed4c24a180b6285a23174e565",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/permission/service/PermissionControllerServiceImpl.java",
"function": "onSetRuntimePermissionGrantStateByDeviceAdmin"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/4857b928217abcbed4c24a180b6285a23174e565"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}