In onCreate of LogAccessDialogActivity.java, there is a possible way to bypass a permission check due to a tapjacking/overlay attack. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "85869745324465802771215541665700053780", "137307547362199649667788586508825963157", "264133457802719165104476643611053175104", "254594395367881719397676748958639709616" ] }, "id": "PUB-A-244155265-0126a6e9", "source": "https://android.googlesource.com/platform/frameworks/base/+/289debad4641b60b9c8bdf9ad9607f42af77a188", "deprecated": false, "signature_version": "v1", "target": { "file": "services/core/java/com/android/server/logcat/LogAccessDialogActivity.java" }, "signature_type": "Line" }, { "digest": { "length": 1057.0, "function_hash": "216754149025133928037120674473236565206" }, "id": "PUB-A-244155265-d6944a9e", "source": "https://android.googlesource.com/platform/frameworks/base/+/289debad4641b60b9c8bdf9ad9607f42af77a188", "deprecated": false, "signature_version": "v1", "target": { "file": "services/core/java/com/android/server/logcat/LogAccessDialogActivity.java", "function": "onCreate" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/289debad4641b60b9c8bdf9ad9607f42af77a188" ], "spl": "2022-12-01", "severity": "Moderate", "types": [ "EoP" ] }