ASB-A-326057017

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-326057017.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-326057017
Aliases
  • A-326057017
  • CVE-2024-43088
Published
2024-11-01T00:00:00Z
Modified
2025-07-04T14:49:55.829990Z
Summary
[none]
Details

In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2024-11-01

Affected versions

Other

15-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
        "https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2024-11-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-4d84780d",
            "deprecated": false,
            "digest": {
                "function_hash": "195287210104496339890085245394357221293",
                "length": 1315.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-60664c11",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "146468046810668391626191160772369193825",
                    "58214069278375581193240716053668016387",
                    "118458680043264427161078560444741096551",
                    "258340999341649564567845986161705016654",
                    "160218103706771944482748181118729855894",
                    "24161462096081758301042185106835946852",
                    "160513651410221718851601212210989974898",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "149175562642938948599377976695334832391",
                    "222445708500777444183075011016946619344",
                    "640951057105632582082164522887529747"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-9f9c521f",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "21351181494580230582457912368684138643",
                    "246104028227763312342528560995913456137",
                    "112447764429510990901677734720782893219",
                    "280719753542198840683446604616999483129",
                    "335390497914652248739796981457601185558",
                    "169628784901101339119707113841498106660",
                    "310435184706524923602167036726128903454",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "104753129509495944390815046349058120392",
                    "75082986712595943242923943073286406825",
                    "64486560918658915169091409835859581607",
                    "120275387461687019757958406461914187909"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/78ee160c20eeb41bb7eccfde9af772a9b1a958d6",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-af90b2fd",
            "deprecated": false,
            "digest": {
                "function_hash": "239794650785354858716998708236409256045",
                "length": 1215.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d3b3edd45167515579ab156533754e56ac813f35",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2024-11-01

Affected versions

Other

12

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2024-11-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-4d004175",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "146468046810668391626191160772369193825",
                    "58214069278375581193240716053668016387",
                    "70407893938082198783244595396619524615",
                    "118458680043264427161078560444741096551",
                    "258340999341649564567845986161705016654",
                    "160218103706771944482748181118729855894",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "149175562642938948599377976695334832391",
                    "222445708500777444183075011016946619344",
                    "640951057105632582082164522887529747"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-9c2034f0",
            "deprecated": false,
            "digest": {
                "function_hash": "69398252931524318733979460612749742282",
                "length": 1123.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/7d2552bf93e675b0a1d0acda718d9466fd8a4d47",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2024-11-01

Affected versions

Other

12L

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2024-11-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-57d35a17",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "146468046810668391626191160772369193825",
                    "58214069278375581193240716053668016387",
                    "118458680043264427161078560444741096551",
                    "258340999341649564567845986161705016654",
                    "160218103706771944482748181118729855894",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "149175562642938948599377976695334832391",
                    "222445708500777444183075011016946619344",
                    "640951057105632582082164522887529747"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19",
            "signature_type": "Line",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-b3b88d96",
            "deprecated": false,
            "digest": {
                "function_hash": "69398252931524318733979460612749742282",
                "length": 1123.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/ff4daf4bf4c98ed8aa79fd94eb39fc54bd559f19",
            "signature_type": "Function",
            "signature_version": "v1"
        }
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2024-11-01

Affected versions

Other

13

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2024-11-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-de4471bb",
            "deprecated": false,
            "digest": {
                "function_hash": "69398252931524318733979460612749742282",
                "length": 1123.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-de57e55c",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "146468046810668391626191160772369193825",
                    "58214069278375581193240716053668016387",
                    "118458680043264427161078560444741096551",
                    "258340999341649564567845986161705016654",
                    "160218103706771944482748181118729855894",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "149175562642938948599377976695334832391",
                    "222445708500777444183075011016946619344",
                    "640951057105632582082164522887529747"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/c24808f9b6b8851f2a1d95a38f72a958986aebbf",
            "signature_type": "Line",
            "signature_version": "v1"
        }
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2024-11-01

Affected versions

Other

14

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2024-11-01",
    "vanir_signatures": [
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java",
                "function": "retrieveAppEntry"
            },
            "id": "ASB-A-326057017-05b5a128",
            "deprecated": false,
            "digest": {
                "function_hash": "69398252931524318733979460612749742282",
                "length": 1123.0
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3",
            "signature_type": "Function",
            "signature_version": "v1"
        },
        {
            "target": {
                "file": "src/com/android/settings/applications/AppInfoBase.java"
            },
            "id": "ASB-A-326057017-dff982ec",
            "deprecated": false,
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "146468046810668391626191160772369193825",
                    "58214069278375581193240716053668016387",
                    "118458680043264427161078560444741096551",
                    "258340999341649564567845986161705016654",
                    "160218103706771944482748181118729855894",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "149175562642938948599377976695334832391",
                    "222445708500777444183075011016946619344",
                    "640951057105632582082164522887529747"
                ]
            },
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/20024f00a530b676608c9d924dd71322fd9a54e3",
            "signature_type": "Line",
            "signature_version": "v1"
        }
    ]
}