ASB-A-326057017
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-326057017.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-326057017
- Aliases
-
- A-326057017
- CVE-2024-43088
- Published
- 2024-11-01T00:00:00Z
- Modified
- 2025-07-18T15:02:24.688977Z
- Summary
- [none]
- Details
-
In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"function_hash": "195287210104496339890085245394357221293",
"length": 1315.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6",
"id": "ASB-A-326057017-4d84780d",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"146468046810668391626191160772369193825",
"58214069278375581193240716053668016387",
"118458680043264427161078560444741096551",
"258340999341649564567845986161705016654",
"160218103706771944482748181118729855894",
"24161462096081758301042185106835946852",
"160513651410221718851601212210989974898",
"148895478068658423118081653364542686348",
"229576963873663300966969905449561113344",
"149175562642938948599377976695334832391",
"222445708500777444183075011016946619344",
"640951057105632582082164522887529747"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
"id": "ASB-A-326057017-60664c11",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"21351181494580230582457912368684138643",
"246104028227763312342528560995913456137",
"112447764429510990901677734720782893219",
"280719753542198840683446604616999483129",
"335390497914652248739796981457601185558",
"169628784901101339119707113841498106660",
"310435184706524923602167036726128903454",
"229576963873663300966969905449561113344",
"334330305333797608329864193959475347539",
"110570043621086428945814529144846361935",
"321798546454385257581027784768169491613",
"104753129509495944390815046349058120392",
"75082986712595943242923943073286406825",
"64486560918658915169091409835859581607",
"120275387461687019757958406461914187909"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6",
"id": "ASB-A-326057017-9f9c521f",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
},
{
"digest": {
"function_hash": "239794650785354858716998708236409256045",
"length": 1215.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
"id": "ASB-A-326057017-af90b2fd",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
"https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6"
],
"spl": "2024-11-01"
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"146468046810668391626191160772369193825",
"58214069278375581193240716053668016387",
"70407893938082198783244595396619524615",
"118458680043264427161078560444741096551",
"258340999341649564567845986161705016654",
"160218103706771944482748181118729855894",
"148895478068658423118081653364542686348",
"229576963873663300966969905449561113344",
"334330305333797608329864193959475347539",
"110570043621086428945814529144846361935",
"321798546454385257581027784768169491613",
"149175562642938948599377976695334832391",
"222445708500777444183075011016946619344",
"640951057105632582082164522887529747"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47",
"id": "ASB-A-326057017-4d004175",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
},
{
"digest": {
"function_hash": "69398252931524318733979460612749742282",
"length": 1123.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47",
"id": "ASB-A-326057017-9c2034f0",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47"
],
"spl": "2024-11-01"
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"146468046810668391626191160772369193825",
"58214069278375581193240716053668016387",
"118458680043264427161078560444741096551",
"258340999341649564567845986161705016654",
"160218103706771944482748181118729855894",
"148895478068658423118081653364542686348",
"229576963873663300966969905449561113344",
"334330305333797608329864193959475347539",
"110570043621086428945814529144846361935",
"321798546454385257581027784768169491613",
"149175562642938948599377976695334832391",
"222445708500777444183075011016946619344",
"640951057105632582082164522887529747"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19",
"id": "ASB-A-326057017-57d35a17",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
},
{
"digest": {
"function_hash": "69398252931524318733979460612749742282",
"length": 1123.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19",
"id": "ASB-A-326057017-b3b88d96",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19"
],
"spl": "2024-11-01"
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"function_hash": "69398252931524318733979460612749742282",
"length": 1123.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf",
"id": "ASB-A-326057017-de4471bb",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"146468046810668391626191160772369193825",
"58214069278375581193240716053668016387",
"118458680043264427161078560444741096551",
"258340999341649564567845986161705016654",
"160218103706771944482748181118729855894",
"148895478068658423118081653364542686348",
"229576963873663300966969905449561113344",
"334330305333797608329864193959475347539",
"110570043621086428945814529144846361935",
"321798546454385257581027784768169491613",
"149175562642938948599377976695334832391",
"222445708500777444183075011016946619344",
"640951057105632582082164522887529747"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf",
"id": "ASB-A-326057017-de57e55c",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf"
],
"spl": "2024-11-01"
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"vanir_signatures": [
{
"digest": {
"function_hash": "69398252931524318733979460612749742282",
"length": 1123.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3",
"id": "ASB-A-326057017-05b5a128",
"signature_type": "Function",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java",
"function": "retrieveAppEntry"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"146468046810668391626191160772369193825",
"58214069278375581193240716053668016387",
"118458680043264427161078560444741096551",
"258340999341649564567845986161705016654",
"160218103706771944482748181118729855894",
"148895478068658423118081653364542686348",
"229576963873663300966969905449561113344",
"334330305333797608329864193959475347539",
"110570043621086428945814529144846361935",
"321798546454385257581027784768169491613",
"149175562642938948599377976695334832391",
"222445708500777444183075011016946619344",
"640951057105632582082164522887529747"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3",
"id": "ASB-A-326057017-dff982ec",
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/applications/AppInfoBase.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3"
],
"spl": "2024-11-01"
}