ASB-A-341256043
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-341256043.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-341256043
- Aliases
-
- A-341256043
- CVE-2024-43081
- Published
- 2024-11-01T00:00:00Z
- Modified
- 2025-07-08T14:49:05.892122Z
- Summary
- [none]
- Details
-
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/04534c3920f01680cc6f50f57737a25f8f893bb1"
],
"vanir_signatures": [
{
"id": "ASB-A-341256043-19fc65f9",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"247072308262172872979524978937761345608",
"70078933855901175012213158357255615818",
"130782364824674563949830595169623224801",
"97768317995976597419647832143432107752",
"172462288539287315524255640510087042382",
"317262461759818309976398071849066620926",
"248144891049726392850816756954403720649",
"312468334464122519273056096798021863641"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/04534c3920f01680cc6f50f57737a25f8f893bb1",
"deprecated": false,
"signature_type": "Line"
},
{
"id": "ASB-A-341256043-5f3b4164",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"digest": {
"function_hash": "123079867802361225203984530978881524921",
"length": 4209.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/04534c3920f01680cc6f50f57737a25f8f893bb1",
"deprecated": false,
"signature_type": "Function"
}
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6"
],
"vanir_signatures": [
{
"id": "ASB-A-341256043-092e696f",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"247072308262172872979524978937761345608",
"296894583660661426208559435853166139488",
"134059891320470609010110375269386693265",
"87827947278605910285015675450360337511",
"297779046294581971934514079856474345082",
"91372568986300504860656369904178241421",
"62528426924789878548411396549682360680",
"279262341454628670883687670865949774028"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6",
"deprecated": false,
"signature_type": "Line"
},
{
"id": "ASB-A-341256043-85e20080",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "installExistingPackageAsUser"
},
"digest": {
"function_hash": "169378628322195178800036635740531678488",
"length": 3176.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6",
"deprecated": false,
"signature_type": "Function"
}
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6"
],
"vanir_signatures": [
{
"id": "ASB-A-341256043-12a029f6",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"247072308262172872979524978937761345608",
"296894583660661426208559435853166139488",
"134059891320470609010110375269386693265",
"87827947278605910285015675450360337511",
"297779046294581971934514079856474345082",
"91372568986300504860656369904178241421",
"62528426924789878548411396549682360680",
"279262341454628670883687670865949774028"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6",
"deprecated": false,
"signature_type": "Line"
},
{
"id": "ASB-A-341256043-681a1021",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "installExistingPackageAsUser"
},
"digest": {
"function_hash": "169378628322195178800036635740531678488",
"length": 3176.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/b0bed46691db3fa0b9a109d236cb9cd85f4042e6",
"deprecated": false,
"signature_type": "Function"
}
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/691d163e52bc64a47cabe825a7e1ce05b8666b90"
],
"vanir_signatures": [
{
"id": "ASB-A-341256043-8cb1b649",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"digest": {
"function_hash": "161096543094585787186067188891530604553",
"length": 3471.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/691d163e52bc64a47cabe825a7e1ce05b8666b90",
"deprecated": false,
"signature_type": "Function"
},
{
"id": "ASB-A-341256043-afa106b9",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"247072308262172872979524978937761345608",
"70078933855901175012213158357255615818",
"130782364824674563949830595169623224801",
"97768317995976597419647832143432107752",
"67309133150296479806491525255240177062",
"40025720798354206229700566048601506411",
"99074010020045898353170880770390954342",
"236805338225694266776590835676271477600"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/691d163e52bc64a47cabe825a7e1ce05b8666b90",
"deprecated": false,
"signature_type": "Line"
}
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/1e0d36fa4381c44e6941c6a2f505ceba666b7d5c"
],
"vanir_signatures": [
{
"id": "ASB-A-341256043-4464e24f",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"247072308262172872979524978937761345608",
"70078933855901175012213158357255615818",
"130782364824674563949830595169623224801",
"97768317995976597419647832143432107752",
"172462288539287315524255640510087042382",
"317262461759818309976398071849066620926",
"248144891049726392850816756954403720649",
"312468334464122519273056096798021863641"
]
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/1e0d36fa4381c44e6941c6a2f505ceba666b7d5c",
"deprecated": false,
"signature_type": "Line"
},
{
"id": "ASB-A-341256043-f2920905",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/InstallPackageHelper.java",
"function": "installExistingPackageAsUser"
},
"digest": {
"function_hash": "59012736023083714650321919848491470861",
"length": 3906.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/1e0d36fa4381c44e6941c6a2f505ceba666b7d5c",
"deprecated": false,
"signature_type": "Function"
}
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"EoP"
]
}