ASB-A-333681693

Import Source
https://storage.googleapis.com/android-osv/ASB-A-333681693.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-333681693
Aliases
  • A-333681693
  • CVE-2025-0087
Published
2025-05-01T00:00:00Z
Modified
2025-05-05T15:33:48Z
Summary
[none]
Details

In onCreate of UninstallerActivity.java, there is a possible way to uninstall a different user's app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2025-05-01

Affected versions

Other

15-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 3832.0,
                "function_hash": "242683011036438429342352847964337614769"
            },
            "id": "ASB-A-333681693-43f9aabd",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/585d5d6835dd2ddd65316fbbabd714c140da20fa",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-333681693-57fc03ee",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/585d5d6835dd2ddd65316fbbabd714c140da20fa",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/585d5d6835dd2ddd65316fbbabd714c140da20fa"
    ],
    "spl": "2025-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-05-01

Affected versions

Other

15

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 3863.0,
                "function_hash": "311454146115973663917991245813906054878"
            },
            "id": "ASB-A-333681693-8abe38a4",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/3bcfb940869219e379c0100e3f7c90b4daa46516",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-333681693-d11be3fd",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/3bcfb940869219e379c0100e3f7c90b4daa46516",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3bcfb940869219e379c0100e3f7c90b4daa46516"
    ],
    "spl": "2025-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2025-05-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 3453.0,
                "function_hash": "76213129383381897343100061884703365797"
            },
            "id": "ASB-A-333681693-1f3dbaf8",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/2d41286d6842b9bd19cd147c57e4f0631a6f798a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-333681693-f491283c",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/2d41286d6842b9bd19cd147c57e4f0631a6f798a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/2d41286d6842b9bd19cd147c57e4f0631a6f798a"
    ],
    "spl": "2025-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2025-05-01

Affected versions

Other

14

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                ]
            },
            "id": "ASB-A-333681693-640f1088",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/a30de548524bc2d73ad3bd8b18697a59ac6ffc32",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3280.0,
                "function_hash": "134719885038114671145517187606102306629"
            },
            "id": "ASB-A-333681693-75bc1ff1",
            "source": "https://googleplex-android.googlesource.com/platform/frameworks/base/+/a30de548524bc2d73ad3bd8b18697a59ac6ffc32",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/PackageInstaller/src/com/android/packageinstaller/UninstallerActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/a30de548524bc2d73ad3bd8b18697a59ac6ffc32"
    ],
    "spl": "2025-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}