In isPackageDeviceAdmin of PackageManagerService.java, a logic error creates a possible edge case in which CloudDpc cannot be uninstalled. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. The record below gives the severity, the security patch level (spl), the fix commits, and the Vanir function and line signatures whose sources are those commits.
{
"severity": "High",
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"id": "ASB-A-360807442-03dbcc77",
"digest": {
"function_hash": "135655665491019032323179780083264383628",
"length": 619.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3729573a87861339e3777cb58abe328d2a6ea7a0",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "isPackageDeviceAdmin"
},
"match_only_versions": [
"15-next"
]
},
{
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java",
"function": "isPackageDeviceAdmin"
},
"signature_type": "Function",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-360807442-06d96244",
"digest": {
"function_hash": "137360440443325979273862012744488423455",
"length": 727.0
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3d5d962a6156fa822c0038e85315e7823a68ff59"
},
{
"signature_type": "Line",
"deprecated": false,
"id": "ASB-A-360807442-bbdbf56a",
"digest": {
"line_hashes": [
"72773414092944557681341484958857367714",
"293589660374961823652557568964060634447",
"3817713918122827899133022222863622854",
"305133493345781333104576444448842859209",
"143780604374093244413572130734204155658",
"139404120129994786005535931991738959292",
"55409733097399173673258235510125379960",
"271381946671971987163840225468439258529",
"120936480202762117920866223670358690731",
"173320260081145241779611919980640826827",
"136512977492524002069949802657207888957",
"301943029295246476571047450695607759652",
"167377245056298544621488036078276649655",
"208085256902089306980292985708107846424"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3729573a87861339e3777cb58abe328d2a6ea7a0",
"signature_version": "v1",
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"match_only_versions": [
"15-next"
]
},
{
"target": {
"file": "services/core/java/com/android/server/pm/PackageManagerService.java"
},
"signature_type": "Line",
"deprecated": false,
"signature_version": "v1",
"id": "ASB-A-360807442-dd027189",
"digest": {
"line_hashes": [
"133238895795330716838434425417093528560",
"206175716768240761136294905175221050089",
"303635801701063585245658314755151315013",
"234960823002923519106975611731083530534",
"310078750073884967148551876372570527056",
"215838852064557133574501713097920708553",
"213812026461752171677313285693767710766",
"125390298186341776105356719148317012349",
"265123478229655616004356602076940872607",
"128574254347526786324926810285930885588",
"80130938187793705273999419090775443305",
"299105247025968300578061749484127213989",
"316910088542154946559022293993416332108",
"207423266935650194602753200228120073546",
"102341632992224541540070559921127727254"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/frameworks/base/+/3d5d962a6156fa822c0038e85315e7823a68ff59"
}
],
"types": [
"EoP"
],
"spl": "2024-12-01",
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/3729573a87861339e3777cb58abe328d2a6ea7a0",
"https://android.googlesource.com/platform/frameworks/base/+/3d5d962a6156fa822c0038e85315e7823a68ff59"
]
}