ASB-A-360807442

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-360807442.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-360807442
Aliases
  • A-360807442
  • CVE-2024-43769
Published
2024-12-01T00:00:00Z
Modified
2024-12-05T16:12:15.731385Z
Summary
[none]
Details

In isPackageDeviceAdmin of PackageManagerService.java, there is a possible edge case which could prevent the uninstallation of CloudDpc due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15-next:0
Fixed
15-next:2024-12-01

Affected versions

Other

15-next

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3729573a87861339e3777cb58abe328d2a6ea7a0",
        "https://android.googlesource.com/platform/frameworks/base/+/3d5d962a6156fa822c0038e85315e7823a68ff59"
    ],
    "spl": "2024-12-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2024-12-01

Affected versions

Other

13

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d45439369db1e7d73ee37981abab5a0313739b53"
    ],
    "spl": "2024-12-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2024-12-01

Affected versions

Other

14

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/da522df80568c158fe30896f9a571d05556ee51a"
    ],
    "spl": "2024-12-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}