ASB-A-476417007

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-476417007.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-476417007
Aliases
  • A-476417007
  • CVE-2026-0086
Published
2026-06-01T00:00:00Z
Modified
2026-06-02T15:13:07.889160648Z
Summary
[none]
Details

In onCreate of DisableSupervisionActivity.kt, there is a possible way to delete supervision data due to a missing null check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
17-next:0
Fixed
17-next:2026-06-01

Affected versions

Other
17-next

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/f0922db8cc4c1cb515c8a2a580993aa061481f65"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2026-06-01"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-476417007.json"

Android / platform/packages/apps/Settings

Package

Name
platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
16-qpr2:0
Fixed
16-qpr2:2026-06-01

Affected versions

Other
16-qpr2

Ecosystem specific 

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/ff671ddafc28d5e73bdfdbb9cc7826d441ff65c3"
    ],
    "severity": "High",
    "types": [
        "EoP"
    ],
    "spl": "2026-06-01"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-476417007.json"