ASB-A-397438392

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-397438392.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-397438392

Aliases

A-397438392
CVE-2025-48545

Published

2025-09-01T00:00:00Z

Modified

2026-03-14T08:46:42.698323Z

Summary

[none]

Details

In isSystemUid of AccountManagerService.java, there is a possible way for an app to access privileged APIs due to a confused deputy. This could lead to local privilege escalation with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android

platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

16-next:0

Fixed

16-next:2025-09-01

Affected versions

Other

16-next

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/d400709160c8374d83a15dc7623b11434c08c4c6"
    ],
    "spl": "2025-09-01",
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/d400709160c8374d83a15dc7623b11434c08c4c6",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-ec25bb79",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301085973425528169524709004077373831563",
                    "216726074587728072739208380767334123804",
                    "119242253748994613345553426103635851740",
                    "242632864898814537389428415415848732297"
                ]
            },
            "signature_type": "Line",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
            }
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/d400709160c8374d83a15dc7623b11434c08c4c6",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-f5407bbb",
            "digest": {
                "length": 629.0,
                "function_hash": "264335857848518456123992062052361392928"
            },
            "signature_type": "Function",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java",
                "function": "isSystemUid"
            }
        }
    ],
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-397438392.json"

platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

15:0

Fixed

15:2025-09-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/4732a7720c89aeaa30157932c3d9e37908d50db2"
    ],
    "spl": "2025-09-01",
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4732a7720c89aeaa30157932c3d9e37908d50db2",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-ba14281f",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301085973425528169524709004077373831563",
                    "216726074587728072739208380767334123804",
                    "119242253748994613345553426103635851740",
                    "242632864898814537389428415415848732297"
                ]
            },
            "signature_type": "Line",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
            }
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4732a7720c89aeaa30157932c3d9e37908d50db2",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-f7d81269",
            "digest": {
                "length": 629.0,
                "function_hash": "264335857848518456123992062052361392928"
            },
            "signature_type": "Function",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java",
                "function": "isSystemUid"
            }
        }
    ],
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-397438392.json"

platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

16:0

Fixed

16:2025-09-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/3eb6e9bf403d4b42762f15f55875cbb75039edea"
    ],
    "spl": "2025-09-01",
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3eb6e9bf403d4b42762f15f55875cbb75039edea",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-3f5e8c4e",
            "digest": {
                "length": 629.0,
                "function_hash": "264335857848518456123992062052361392928"
            },
            "signature_type": "Function",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java",
                "function": "isSystemUid"
            }
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/3eb6e9bf403d4b42762f15f55875cbb75039edea",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-43b2a79f",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301085973425528169524709004077373831563",
                    "216726074587728072739208380767334123804",
                    "119242253748994613345553426103635851740",
                    "242632864898814537389428415415848732297"
                ]
            },
            "signature_type": "Line",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
            }
        }
    ],
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-397438392.json"

platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2025-09-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/e73ea8f51b74a87047e8aef38a724ab2f667a6bf"
    ],
    "spl": "2025-09-01",
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/e73ea8f51b74a87047e8aef38a724ab2f667a6bf",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-59e421a1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301085973425528169524709004077373831563",
                    "216726074587728072739208380767334123804",
                    "119242253748994613345553426103635851740",
                    "242632864898814537389428415415848732297"
                ]
            },
            "signature_type": "Line",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
            }
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/e73ea8f51b74a87047e8aef38a724ab2f667a6bf",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-85b7d356",
            "digest": {
                "length": 629.0,
                "function_hash": "264335857848518456123992062052361392928"
            },
            "signature_type": "Function",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java",
                "function": "isSystemUid"
            }
        }
    ],
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-397438392.json"

platform/frameworks/base

Package

Name: platform/frameworks/base

Affected ranges

Type: ECOSYSTEM
Events: Introduced

14:0

Fixed

14:2025-09-01

Affected versions

Other

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/04fa4b05b9b5962485a0b93874dc8302635b56bf"
    ],
    "spl": "2025-09-01",
    "vanir_signatures": [
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/04fa4b05b9b5962485a0b93874dc8302635b56bf",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-a5989eea",
            "digest": {
                "length": 629.0,
                "function_hash": "264335857848518456123992062052361392928"
            },
            "signature_type": "Function",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java",
                "function": "isSystemUid"
            }
        },
        {
            "source": "https://android.googlesource.com/platform/frameworks/base/+/04fa4b05b9b5962485a0b93874dc8302635b56bf",
            "deprecated": false,
            "signature_version": "v1",
            "id": "ASB-A-397438392-bcc41ed1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "301085973425528169524709004077373831563",
                    "216726074587728072739208380767334123804",
                    "119242253748994613345553426103635851740",
                    "242632864898814537389428415415848732297"
                ]
            },
            "signature_type": "Line",
            "target": {
                "file": "services/core/java/com/android/server/accounts/AccountManagerService.java"
            }
        }
    ],
    "severity": "High"
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-397438392.json"