ASB-A-341688848

Import Source
https://storage.googleapis.com/android-osv/ASB-A-341688848.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-341688848
Aliases
  • A-341688848
  • CVE-2024-49722
Published
2025-04-01T00:00:00Z
Modified
2025-04-08T15:59:42Z
Summary
[none]
Details

In showAvatarPicker of EditUserPhotoController.java, there is a possible cross-user image leak due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2025-04-01

Affected versions

Other

15-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "154770951609797451940987862552557479039",
                    "218270295055629904027070469533680274829",
                    "329718296283725824123553602088403096699",
                    "173836244179821243033474735718348316364",
                    "121546223260715733684130670385522693067",
                    "135193467781791317406752509003365463482",
                    "188036491421487214446849389566803674180",
                    "284029106079095197665407380999538471599"
                ]
            },
            "id": "ASB-A-341688848-02a4cd06",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/e480e1892cafaff977e2ede68e5988eb732d098e",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 418.0,
                "function_hash": "66252267982984076039731208061947608083"
            },
            "id": "ASB-A-341688848-d63b28d1",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/e480e1892cafaff977e2ede68e5988eb732d098e",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "packages/SettingsLib/src/com/android/settingslib/users/EditUserPhotoController.java",
                "function": "showAvatarPicker"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/e480e1892cafaff977e2ede68e5988eb732d098e"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-04-01

Affected versions

Other

15

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/4b731d5c8715190b88a44c443d5028b3014cd495",
        "https://android.googlesource.com/platform/frameworks/base/+/2ab1084a748a2303289624e6063d2c60d10ec922"
    ],
    "spl": "2025-04-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}