ASB-A-418225717
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-418225717.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-418225717
- Aliases
-
- A-418225717
- CVE-2025-48578
- Published
- 2026-03-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITEEXTERNALSTORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android
platform/packages/providers/MediaProvider
Package
- Name
- platform/packages/providers/MediaProvider
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"157008262511666817509664268140295072205",
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"141625541906072031225061328149433762461",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
]
},
"id": "ASB-A-418225717-648256df",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"length": 11920.0,
"function_hash": "145389143715353340976887769248962519906"
},
"id": "ASB-A-418225717-87a639d9",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"length": 1500.0,
"function_hash": "302616573519657844830296422326247535450"
},
"id": "ASB-A-418225717-e7f0e78d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bb834ffbc6bbede6ca1ad49ca1301e6e567c551b"
],
"types": [
"EoP"
],
"spl": "2026-03-01",
"severity": "High"
}platform/packages/providers/MediaProvider
Package
- Name
- platform/packages/providers/MediaProvider
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
]
},
"id": "ASB-A-418225717-06a2b15c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"length": 1280.0,
"function_hash": "91962688363124041771487770172171075718"
},
"id": "ASB-A-418225717-a19aaa74",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"length": 11594.0,
"function_hash": "289346420551521676399412182515700069900"
},
"id": "ASB-A-418225717-a9f3fff6",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/594de7bc81b3a510a4fa6ef17f4981e22fc05c67"
],
"types": [
"EoP"
],
"spl": "2026-03-01",
"severity": "High"
}platform/packages/providers/MediaProvider
Package
- Name
- platform/packages/providers/MediaProvider
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 11894.0,
"function_hash": "252859413699993422588117712992192386126"
},
"id": "ASB-A-418225717-35f2370d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"340256004154136506690278408790561081844",
"221300492259721940217838245087518561287",
"22731703843265273253419147521500510308",
"330550544592204249471665078156016999844",
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
]
},
"id": "ASB-A-418225717-7042ff3e",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"length": 1280.0,
"function_hash": "91962688363124041771487770172171075718"
},
"id": "ASB-A-418225717-f4d3b9f5",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527",
"target": {
"function": "getResultForGetMediaUri",
"file": "src/com/android/providers/media/MediaProvider.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9c184d461fd647178bea74450cf4c3e2643f9527"
],
"types": [
"EoP"
],
"spl": "2026-03-01",
"severity": "High"
}platform/packages/providers/MediaProvider
Package
- Name
- platform/packages/providers/MediaProvider
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 11655.0,
"function_hash": "173341845250437689172274271489378931118"
},
"id": "ASB-A-418225717-033ccb4c",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3",
"target": {
"function": "updateInternal",
"file": "src/com/android/providers/media/MediaProvider.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"105197278000995005878340370576503128461",
"148588621183761209098530501553085134004",
"234486941104465051895651068277170769458",
"159125132531065204561919677225407971210",
"212940894353910588917176189519922663351"
]
},
"id": "ASB-A-418225717-049d83b7",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3",
"target": {
"file": "src/com/android/providers/media/MediaProvider.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8dbe36509166e800212ce6bf845955d359d5fef3"
],
"types": [
"EoP"
],
"spl": "2026-03-01",
"severity": "High"
}