ASB-A-433746973

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-433746973.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-433746973
Aliases
Published
2026-03-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16-qpr2-next:0
Fixed
16-qpr2-next:2026-03-01

Affected versions

Other
16-qpr2-next

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208457733616812906224072334317441311486",
                    "177741000024498610159506990581220824865",
                    "246827322931647878402727532051987708110",
                    "366885149601952916460938894739865235",
                    "234143833201926822247770025081733917375",
                    "114943680788978231257779752178005008740",
                    "192576508593764210838752494662788023850",
                    "116813442933041783963474251816540213764",
                    "257152848526048718978114734189840107168",
                    "303275495934743804745592230443152619800",
                    "298379860440521963031288225963188269361",
                    "23429470870889590322777105974998790777",
                    "37632166122149386811223787386280723680",
                    "5252976747246714009360738678155877081",
                    "85395014211052402365053891356592096893",
                    "288384680890765465103422898482727070452",
                    "335490982615414724704982197380408897798",
                    "97917139651027726768513675619098556566",
                    "228799725567654130447136930544436091864",
                    "37845789811354991732956325964285322222",
                    "110177719128765197004277074762828482508",
                    "234656496459289722207609407715090371710"
                ]
            },
            "id": "ASB-A-433746973-116e710d",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 848.0,
                "function_hash": "222862161965606227208221585316443210496"
            },
            "id": "ASB-A-433746973-5648c433",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
            "target": {
                "function": "restoreFromExtras",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "271970879545183213048976685239564649552",
                    "256309662455536330311331838685129896281",
                    "337576367368607241813693656732624169277",
                    "293270563471319284243892340092297590869",
                    "207884255240402107614090257996188795272",
                    "195704373898344098143959282056482778135",
                    "74089123099812119618810142444649031038",
                    "26309697718932733755802101959838141910"
                ]
            },
            "id": "ASB-A-433746973-76bcee79",
            "deprecated": false,
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/people/NotificationHelper.java"
            },
            "signature_type": "Line",
            "match_only_versions": [
                "16-qpr2-next"
            ],
            "source": "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
            "signature_version": "v1"
        },
        {
            "digest": {
                "length": 451.0,
                "function_hash": "252317402073980250186722477669218326045"
            },
            "id": "ASB-A-433746973-807135e9",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4f75b823796641615583fee0b03a37db6139e9e2",
            "target": {
                "function": "getMessagingStyleMessages",
                "file": "packages/SystemUI/src/com/android/systemui/people/NotificationHelper.java"
            }
        },
        {
            "digest": {
                "length": 3034.0,
                "function_hash": "156289883570323766609605117093722529858"
            },
            "id": "ASB-A-433746973-80de7cf0",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 500.0,
                "function_hash": "282702296223219099501557654338978723164"
            },
            "id": "ASB-A-433746973-85cf7b35",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
            "target": {
                "function": "hasImage",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "244118638129313130557854724885127005822",
                    "166641002803337483219430292399830492341",
                    "266306969800215601446364302984980401443",
                    "310041130600403422503644795569821551019",
                    "269481190831618501634409597190761555953"
                ]
            },
            "id": "ASB-A-433746973-c0d3da3f",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4f75b823796641615583fee0b03a37db6139e9e2",
            "target": {
                "file": "packages/SystemUI/src/com/android/systemui/people/NotificationHelper.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/71d4afae00c7d6d9238f8ec82303e1e13da50fbb",
        "https://android.googlesource.com/platform/frameworks/base/+/4f75b823796641615583fee0b03a37db6139e9e2"
    ],
    "types": [
        "ID"
    ],
    "spl": "2026-03-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-433746973.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
15:0
Fixed
15:2026-03-01

Affected versions

Other
15

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 500.0,
                "function_hash": "282702296223219099501557654338978723164"
            },
            "id": "ASB-A-433746973-065d04ab",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f64c1e377842d9a8df814bcbad831bd4ce01583d",
            "target": {
                "function": "hasImage",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 2658.0,
                "function_hash": "14872119413519754712221561025011505500"
            },
            "id": "ASB-A-433746973-945b38cd",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f64c1e377842d9a8df814bcbad831bd4ce01583d",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208457733616812906224072334317441311486",
                    "177741000024498610159506990581220824865",
                    "246827322931647878402727532051987708110",
                    "366885149601952916460938894739865235",
                    "234143833201926822247770025081733917375",
                    "114943680788978231257779752178005008740",
                    "192576508593764210838752494662788023850",
                    "116813442933041783963474251816540213764",
                    "257152848526048718978114734189840107168",
                    "303275495934743804745592230443152619800",
                    "298379860440521963031288225963188269361",
                    "23429470870889590322777105974998790777",
                    "37632166122149386811223787386280723680",
                    "5252976747246714009360738678155877081",
                    "85395014211052402365053891356592096893",
                    "288384680890765465103422898482727070452",
                    "335490982615414724704982197380408897798",
                    "97917139651027726768513675619098556566",
                    "228799725567654130447136930544436091864",
                    "37845789811354991732956325964285322222",
                    "110177719128765197004277074762828482508",
                    "234656496459289722207609407715090371710"
                ]
            },
            "id": "ASB-A-433746973-e5172a75",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f64c1e377842d9a8df814bcbad831bd4ce01583d",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 848.0,
                "function_hash": "222862161965606227208221585316443210496"
            },
            "id": "ASB-A-433746973-f5702178",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/f64c1e377842d9a8df814bcbad831bd4ce01583d",
            "target": {
                "function": "restoreFromExtras",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/f64c1e377842d9a8df814bcbad831bd4ce01583d"
    ],
    "types": [
        "ID"
    ],
    "spl": "2026-03-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-433746973.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16:0
Fixed
16:2026-03-01

Affected versions

Other
16

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 848.0,
                "function_hash": "222862161965606227208221585316443210496"
            },
            "id": "ASB-A-433746973-2e9febd7",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/70fe31848f073029cdb38cd6c5fe47f200dd4c78",
            "target": {
                "function": "restoreFromExtras",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 500.0,
                "function_hash": "282702296223219099501557654338978723164"
            },
            "id": "ASB-A-433746973-4e25bffb",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/70fe31848f073029cdb38cd6c5fe47f200dd4c78",
            "target": {
                "function": "hasImage",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208457733616812906224072334317441311486",
                    "177741000024498610159506990581220824865",
                    "246827322931647878402727532051987708110",
                    "366885149601952916460938894739865235",
                    "234143833201926822247770025081733917375",
                    "114943680788978231257779752178005008740",
                    "192576508593764210838752494662788023850",
                    "116813442933041783963474251816540213764",
                    "257152848526048718978114734189840107168",
                    "303275495934743804745592230443152619800",
                    "298379860440521963031288225963188269361",
                    "23429470870889590322777105974998790777",
                    "37632166122149386811223787386280723680",
                    "5252976747246714009360738678155877081",
                    "85395014211052402365053891356592096893",
                    "288384680890765465103422898482727070452",
                    "335490982615414724704982197380408897798",
                    "97917139651027726768513675619098556566",
                    "228799725567654130447136930544436091864",
                    "37845789811354991732956325964285322222",
                    "110177719128765197004277074762828482508",
                    "234656496459289722207609407715090371710"
                ]
            },
            "id": "ASB-A-433746973-867d6dc5",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/70fe31848f073029cdb38cd6c5fe47f200dd4c78",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 2951.0,
                "function_hash": "308418045487389591573365703911278494154"
            },
            "id": "ASB-A-433746973-c1b9e230",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/70fe31848f073029cdb38cd6c5fe47f200dd4c78",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/70fe31848f073029cdb38cd6c5fe47f200dd4c78"
    ],
    "types": [
        "ID"
    ],
    "spl": "2026-03-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-433746973.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16-qpr2:0
Fixed
16-qpr2:2026-03-01

Affected versions

Other
16-qpr2

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 500.0,
                "function_hash": "282702296223219099501557654338978723164"
            },
            "id": "ASB-A-433746973-0ab29497",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fb415bfd038da2b276e031618459727bb56240b5",
            "target": {
                "function": "hasImage",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 2951.0,
                "function_hash": "308418045487389591573365703911278494154"
            },
            "id": "ASB-A-433746973-68f7f988",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fb415bfd038da2b276e031618459727bb56240b5",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208457733616812906224072334317441311486",
                    "177741000024498610159506990581220824865",
                    "246827322931647878402727532051987708110",
                    "366885149601952916460938894739865235",
                    "234143833201926822247770025081733917375",
                    "114943680788978231257779752178005008740",
                    "192576508593764210838752494662788023850",
                    "116813442933041783963474251816540213764",
                    "257152848526048718978114734189840107168",
                    "303275495934743804745592230443152619800",
                    "298379860440521963031288225963188269361",
                    "23429470870889590322777105974998790777",
                    "37632166122149386811223787386280723680",
                    "5252976747246714009360738678155877081",
                    "85395014211052402365053891356592096893",
                    "288384680890765465103422898482727070452",
                    "335490982615414724704982197380408897798",
                    "97917139651027726768513675619098556566",
                    "228799725567654130447136930544436091864",
                    "37845789811354991732956325964285322222",
                    "110177719128765197004277074762828482508",
                    "234656496459289722207609407715090371710"
                ]
            },
            "id": "ASB-A-433746973-a7c43e9d",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fb415bfd038da2b276e031618459727bb56240b5",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 848.0,
                "function_hash": "222862161965606227208221585316443210496"
            },
            "id": "ASB-A-433746973-d8bf2eee",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/fb415bfd038da2b276e031618459727bb56240b5",
            "target": {
                "function": "restoreFromExtras",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/fb415bfd038da2b276e031618459727bb56240b5"
    ],
    "types": [
        "ID"
    ],
    "spl": "2026-03-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-433746973.json"
platform/frameworks/base

Package

Name
platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2026-03-01

Affected versions

Other
14

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 500.0,
                "function_hash": "282702296223219099501557654338978723164"
            },
            "id": "ASB-A-433746973-591a4c76",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2603bda7897a971841bee00beabb1bf4d7451604",
            "target": {
                "function": "hasImage",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 2658.0,
                "function_hash": "14872119413519754712221561025011505500"
            },
            "id": "ASB-A-433746973-7e03ab73",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2603bda7897a971841bee00beabb1bf4d7451604",
            "target": {
                "function": "visitUris",
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "208457733616812906224072334317441311486",
                    "177741000024498610159506990581220824865",
                    "246827322931647878402727532051987708110",
                    "366885149601952916460938894739865235",
                    "234143833201926822247770025081733917375",
                    "114943680788978231257779752178005008740",
                    "192576508593764210838752494662788023850",
                    "116813442933041783963474251816540213764",
                    "257152848526048718978114734189840107168",
                    "303275495934743804745592230443152619800",
                    "298379860440521963031288225963188269361",
                    "23429470870889590322777105974998790777",
                    "37632166122149386811223787386280723680",
                    "5252976747246714009360738678155877081",
                    "85395014211052402365053891356592096893",
                    "288384680890765465103422898482727070452",
                    "335490982615414724704982197380408897798",
                    "97917139651027726768513675619098556566",
                    "228799725567654130447136930544436091864",
                    "37845789811354991732956325964285322222",
                    "110177719128765197004277074762828482508",
                    "234656496459289722207609407715090371710"
                ]
            },
            "id": "ASB-A-433746973-8276fd20",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2603bda7897a971841bee00beabb1bf4d7451604",
            "target": {
                "file": "core/java/android/app/Notification.java"
            }
        },
        {
            "digest": {
                "length": 848.0,
                "function_hash": "222862161965606227208221585316443210496"
            },
            "id": "ASB-A-433746973-dacf161f",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/2603bda7897a971841bee00beabb1bf4d7451604",
            "target": {
                "function": "restoreFromExtras",
                "file": "core/java/android/app/Notification.java"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/2603bda7897a971841bee00beabb1bf4d7451604"
    ],
    "types": [
        "ID"
    ],
    "spl": "2026-03-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-433746973.json"