ASB-A-329230490
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-329230490.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-329230490
- Aliases
-
- A-329230490
- CVE-2024-31320
- Published
- 2024-07-01T00:00:00Z
- Modified
- 2025-07-07T15:00:46.712952Z
- Summary
- [none]
- Details
-
In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/56ac420b653da3f716f37a77780d7a74bc5fc439",
"https://android.googlesource.com/platform/frameworks/base/+/71418ecfa539b99d9bb0053d1de5060040bdf02f"
],
"severity": "Critical",
"types": [
"EoP"
],
"spl": "2024-07-01",
"vanir_signatures": [
{
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-329230490-5add1a57",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"283533769886380923448576656925363146498",
"306640430079475523562921556048505603680",
"220247844284439815336487099373551580211",
"296340939658799727884616528029234346770"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/56ac420b653da3f716f37a77780d7a74bc5fc439",
"signature_type": "Line",
"signature_version": "v1"
},
{
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
},
"id": "ASB-A-329230490-6b902821",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"67950038913822548496977403571025662121",
"222725767583171763006265824348111716351",
"286500330299365691393581685729299877668",
"166044803054551522655759985343015696389",
"151376619027520813586001682013091186310",
"194068989226376155571126814800988254819",
"257382018809139542673220738604381729552"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/71418ecfa539b99d9bb0053d1de5060040bdf02f",
"signature_type": "Line",
"signature_version": "v1"
},
{
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setSkipPrompt"
},
"id": "ASB-A-329230490-a4ce043d",
"deprecated": false,
"digest": {
"function_hash": "168892350902793353495994525992132626819",
"length": 55.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/56ac420b653da3f716f37a77780d7a74bc5fc439",
"signature_type": "Function",
"signature_version": "v1"
},
{
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java",
"function": "associate"
},
"id": "ASB-A-329230490-a592a235",
"deprecated": false,
"digest": {
"function_hash": "37463952415737052809221431915743857188",
"length": 1588.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/71418ecfa539b99d9bb0053d1de5060040bdf02f",
"signature_type": "Function",
"signature_version": "v1"
}
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/be2e3b05858ba7a6349f5487d2658d00853b11cd",
"https://android.googlesource.com/platform/frameworks/base/+/f28e88e53d57779fff5900d1811ffa07ab174640"
],
"severity": "Critical",
"types": [
"EoP"
],
"spl": "2024-07-01",
"vanir_signatures": [
{
"target": {
"file": "core/java/android/companion/AssociationRequest.java"
},
"id": "ASB-A-329230490-2e9d0f69",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"283533769886380923448576656925363146498",
"306640430079475523562921556048505603680",
"220247844284439815336487099373551580211",
"296340939658799727884616528029234346770"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/be2e3b05858ba7a6349f5487d2658d00853b11cd",
"signature_type": "Line",
"signature_version": "v1"
},
{
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java"
},
"id": "ASB-A-329230490-3f23a8b1",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"67950038913822548496977403571025662121",
"222725767583171763006265824348111716351",
"286500330299365691393581685729299877668",
"166044803054551522655759985343015696389",
"151376619027520813586001682013091186310",
"194068989226376155571126814800988254819",
"257382018809139542673220738604381729552"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/f28e88e53d57779fff5900d1811ffa07ab174640",
"signature_type": "Line",
"signature_version": "v1"
},
{
"target": {
"file": "services/companion/java/com/android/server/companion/CompanionDeviceManagerService.java",
"function": "associate"
},
"id": "ASB-A-329230490-8ac5bf9f",
"deprecated": false,
"digest": {
"function_hash": "65861310754994395892854568185787642004",
"length": 1683.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/f28e88e53d57779fff5900d1811ffa07ab174640",
"signature_type": "Function",
"signature_version": "v1"
},
{
"target": {
"file": "core/java/android/companion/AssociationRequest.java",
"function": "setSkipPrompt"
},
"id": "ASB-A-329230490-f8035f09",
"deprecated": false,
"digest": {
"function_hash": "168892350902793353495994525992132626819",
"length": 55.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/be2e3b05858ba7a6349f5487d2658d00853b11cd",
"signature_type": "Function",
"signature_version": "v1"
}
]
}