ASB-A-332277530

Import Source
https://storage.googleapis.com/android-osv/ASB-A-332277530.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-332277530
Aliases
  • A-332277530
  • CVE-2025-22417
Published
2025-04-01T00:00:00Z
Modified
2025-04-08T15:54:46Z
Summary
[none]
Details

In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2025-04-01

Affected versions

Other

15-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 8338.0,
                "function_hash": "143495626557028892849843957874352481508"
            },
            "id": "ASB-A-332277530-9e459311",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7366b99644fa61279591eec54ea725d86d6e2e93",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/wm/Transition.java",
                "function": "finishTransition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-332277530-d81c1a8f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/7366b99644fa61279591eec54ea725d86d6e2e93",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/wm/Transition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/7366b99644fa61279591eec54ea725d86d6e2e93"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-04-01

Affected versions

Other

15

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/24aeaa1b55d3c602ddd4e53a44bf304a21c8d3df"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2025-04-01

Affected versions

Other

14

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 7105.0,
                "function_hash": "37129745043719104312132640350457045810"
            },
            "id": "ASB-A-332277530-371db037",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/806927c67cbb308739b06efe78ee474c83b66e24",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/wm/Transition.java",
                "function": "finishTransition"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-332277530-87de2e89",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/806927c67cbb308739b06efe78ee474c83b66e24",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/wm/Transition.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/806927c67cbb308739b06efe78ee474c83b66e24"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}