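In multiple functions of MediaProvider.java, there is a possible bypass of the external storage write permission due to a confused deputy; that is, the provider can be induced to use its own storage access on behalf of a caller that lacks the permission. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Each record below references one fix commit and carries the Vanir signatures for it: line-level hashes for MediaProvider.java and function-level hashes that target updateInternal and getResultForGetMediaUri, used to detect code that is still missing that fix.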
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b"
],
"spl": "2026-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"157008262511666817509664268140295072205",
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"141625541906072031225061328149433762461",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-417195606-648256df"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "145389143715353340976887769248962519906",
"length": 11920.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-87a639d9"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "302616573519657844830296422326247535450",
"length": 1500.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-e7f0e78d"
}
],
"types": [
"EoP"
]
}{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67"
],
"spl": "2026-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-417195606-06a2b15c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "91962688363124041771487770172171075718",
"length": 1280.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-a19aaa74"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "289346420551521676399412182515700069900",
"length": 11594.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-a9f3fff6"
}
],
"types": [
"EoP"
]
}{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527"
],
"spl": "2026-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "252859413699993422588117712992192386126",
"length": 11894.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-35f2370d"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-417195606-7042ff3e"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "91962688363124041771487770172171075718",
"length": 1280.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-f4d3b9f5"
}
],
"types": [
"EoP"
]
}{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3"
],
"spl": "2026-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"function_hash": "173341845250437689172274271489378931118",
"length": 11655.0
},
"signature_type": "Function",
"id": "ASB-A-417195606-033ccb4c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-417195606-049d83b7"
}
],
"types": [
"EoP"
]
}