ASB-A-383328827

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-383328827.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-383328827
Aliases
Published
2025-05-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In dump of WindowManagerService.java, there is a possible way of running dumpsys without the required permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2025-05-01

Affected versions

Other
15

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "307962230069551633409797844037804565870",
                    "195435758164607766111867084465255626687",
                    "100459581530201667367539293380375120994",
                    "65869109269366220216044413136000641265",
                    "150808033846765711730010162772074374039",
                    "49229083276072875436173481827860330314",
                    "263569157269227770725311902885171890912",
                    "8045441567988998432299067648344290672",
                    "260420910750437969770877208474464448596"
                ]
            },
            "id": "ASB-A-383328827-19a066d0",
            "deprecated": false,
            "target": {
                "file": "services/core/java/com/android/server/wm/WindowManagerService.java"
            },
            "signature_type": "Line",
            "match_only_versions": [
                "15"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c617d697cdbef000cb416aefc08fc4a3cda4afa1",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 132.0,
                "function_hash": "65039974368923320334274338561678664778"
            },
            "id": "ASB-A-383328827-5aa2292d",
            "deprecated": false,
            "target": {
                "function": "dump",
                "file": "services/core/java/com/android/server/wm/WindowManagerService.java"
            },
            "signature_type": "Function",
            "match_only_versions": [
                "15"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c617d697cdbef000cb416aefc08fc4a3cda4afa1",
            "exact_target_file_match_only": true,
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 5658.0,
                "function_hash": "245006804470477077414571673338369743527"
            },
            "id": "ASB-A-383328827-762d9c41",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c617d697cdbef000cb416aefc08fc4a3cda4afa1",
            "target": {
                "function": "doDump",
                "file": "services/core/java/com/android/server/wm/WindowManagerService.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/c617d697cdbef000cb416aefc08fc4a3cda4afa1"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2025-05-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-383328827.json"