ASB-A-355411348
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-355411348.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-355411348
- Aliases
-
- A-355411348
- CVE-2024-49720
- Published
- 2025-04-01T00:00:00Z
- Modified
- 2026-03-14T08:46:07.151215Z
- Summary
- [none]
- Details
-
In multiple functions of Permissions.java, there is a possible way to override the state of the user's location permissions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/packages/modules/Permission
Package
- Name
- platform/packages/modules/Permission
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/7e1f7097f4a6895358bf1472e6d26c5198d00c11"
],
"spl": "2025-04-01",
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/7e1f7097f4a6895358bf1472e6d26c5198d00c11",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-029260a1",
"digest": {
"length": 1623.0,
"function_hash": "141619514520788998866018257770516533168"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "grantSingleAsUser"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/7e1f7097f4a6895358bf1472e6d26c5198d00c11",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-0400a4c9",
"digest": {
"length": 479.0,
"function_hash": "76255136349812465480493960808170142056"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "isPermissionFixedAsUser"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/7e1f7097f4a6895358bf1472e6d26c5198d00c11",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-4adc72b4",
"digest": {
"threshold": 0.9,
"line_hashes": [
"276735937301336299084427692564300228595",
"322989708559293431295789412320417604874",
"213152137624597320215320511324637273908",
"25564878861477671112121177766071587689",
"262738313968617711989477123477272251866",
"230377411451346628928423402557176974417",
"29739341363408189168750249940983237131",
"61610753031451740195870485119474286831"
]
},
"signature_type": "Line",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java"
}
}
],
"severity": "High"
}platform/packages/modules/Permission
Package
- Name
- platform/packages/modules/Permission
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/15b296865950d19076a065d8b293d28eae4a3af2"
],
"spl": "2025-04-01",
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/15b296865950d19076a065d8b293d28eae4a3af2",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-48684712",
"digest": {
"length": 479.0,
"function_hash": "76255136349812465480493960808170142056"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "isPermissionFixedAsUser"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/15b296865950d19076a065d8b293d28eae4a3af2",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-c1f1bf73",
"digest": {
"length": 1623.0,
"function_hash": "141619514520788998866018257770516533168"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "grantSingleAsUser"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/15b296865950d19076a065d8b293d28eae4a3af2",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-c7359ae3",
"digest": {
"threshold": 0.9,
"line_hashes": [
"276735937301336299084427692564300228595",
"322989708559293431295789412320417604874",
"213152137624597320215320511324637273908",
"25564878861477671112121177766071587689",
"262738313968617711989477123477272251866",
"230377411451346628928423402557176974417",
"29739341363408189168750249940983237131",
"61610753031451740195870485119474286831"
]
},
"signature_type": "Line",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java"
}
}
],
"severity": "High"
}platform/packages/modules/Permission
Package
- Name
- platform/packages/modules/Permission
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/71e09e5ad12d02b3129c7a5ce16f6de734fdd0da"
],
"spl": "2025-04-01",
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/71e09e5ad12d02b3129c7a5ce16f6de734fdd0da",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-0dd3617f",
"digest": {
"length": 447.0,
"function_hash": "157246517829887779856954165638462687008"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/Permissions.java",
"function": "isPermissionFixed"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/71e09e5ad12d02b3129c7a5ce16f6de734fdd0da",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-4218609b",
"digest": {
"length": 1551.0,
"function_hash": "326735615273034153298670880778922269486"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/Permissions.java",
"function": "grantSingle"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/71e09e5ad12d02b3129c7a5ce16f6de734fdd0da",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-581cb514",
"digest": {
"threshold": 0.9,
"line_hashes": [
"276735937301336299084427692564300228595",
"322989708559293431295789412320417604874",
"213152137624597320215320511324637273908",
"71428023426661599606021655487902426771",
"262738313968617711989477123477272251866",
"230377411451346628928423402557176974417",
"29739341363408189168750249940983237131",
"61610753031451740195870485119474286831"
]
},
"signature_type": "Line",
"target": {
"file": "PermissionController/src/com/android/permissioncontroller/role/model/Permissions.java"
}
}
],
"severity": "High"
}platform/packages/modules/Permission
Package
- Name
- platform/packages/modules/Permission
Ecosystem specific
{
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Permission/+/04e3f30193b80d0fdb7f68cbe0161dc985aa7557"
],
"spl": "2025-04-01",
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/04e3f30193b80d0fdb7f68cbe0161dc985aa7557",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-1c006cfe",
"digest": {
"threshold": 0.9,
"line_hashes": [
"276735937301336299084427692564300228595",
"322989708559293431295789412320417604874",
"213152137624597320215320511324637273908",
"71428023426661599606021655487902426771",
"262738313968617711989477123477272251866",
"230377411451346628928423402557176974417",
"29739341363408189168750249940983237131",
"61610753031451740195870485119474286831"
]
},
"signature_type": "Line",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/04e3f30193b80d0fdb7f68cbe0161dc985aa7557",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-82db1744",
"digest": {
"length": 1551.0,
"function_hash": "326735615273034153298670880778922269486"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "grantSingle"
}
},
{
"source": "https://android.googlesource.com/platform/packages/modules/Permission/+/04e3f30193b80d0fdb7f68cbe0161dc985aa7557",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-355411348-9278377f",
"digest": {
"length": 447.0,
"function_hash": "157246517829887779856954165638462687008"
},
"signature_type": "Function",
"target": {
"file": "PermissionController/role-controller/java/com/android/role/controller/model/Permissions.java",
"function": "isPermissionFixed"
}
}
],
"severity": "High"
}