In AttributionSource of AttributionSource.java, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "58500476833747802153434581479627834441", "141003516130091699924838840649367207779", "323974363854389601892241804885757787268", "161203185256460395633060024710765614252", "282530622468871108991748252371714399115", "331704839110234400389262580757181032614", "279945010626182010948792159391367305188", "192652305326336604983534351473504759127", "334977559813023621614033957333765289371", "157628855462525407594729476251106386503" ] }, "id": "ASB-A-200288596-f8c312d7", "source": "https://android.googlesource.com/platform/frameworks/base/+/f29223746d9009a592b0ee7ee5a92398589c5b53", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/android/content/AttributionSource.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/f29223746d9009a592b0ee7ee5a92398589c5b53" ], "spl": "2022-04-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "58500476833747802153434581479627834441", "141003516130091699924838840649367207779", "323974363854389601892241804885757787268", "161203185256460395633060024710765614252", "282530622468871108991748252371714399115", "331704839110234400389262580757181032614", "279945010626182010948792159391367305188", "192652305326336604983534351473504759127", "334977559813023621614033957333765289371", "157628855462525407594729476251106386503" ] }, "id": "ASB-A-200288596-1f04f4a2", "source": "https://android.googlesource.com/platform/frameworks/base/+/f29223746d9009a592b0ee7ee5a92398589c5b53", "deprecated": false, "signature_version": "v1", "target": { "file": "core/java/android/content/AttributionSource.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/frameworks/base/+/f29223746d9009a592b0ee7ee5a92398589c5b53" ], "spl": "2022-04-01", "severity": "High", "types": [ "EoP" ] }