In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 799.0, "function_hash": "126812758670877602072831679107254504906" }, "id": "ASB-A-259385017-b79a05af", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java", "function": "retrieveAppEntry" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "122801481725524473723710929709275622710", "222390034388202181844242922618841512158", "283965336966937628894612660817621901131", "272405940110754710207879884765393292318", "196727238334898885538839268810150074966", "315194688582831595259135626079335554853", "46706889825726414093546133437972081899", "38679744851214130239580683317555628502", "163323195360202353972971378277645397893", "196737136246763182714678355935877234911", "140877233746596711254219934434432080051", "27868741867664894162702260508424625566", "326692411290225447106468416311027466663", "271197561047071638675322122791349406644", "202102347137811234824721270542908316933", "240673301015471928763093234654380995634", "150985011417713154467310296905082941349", "148895478068658423118081653364542686348", "229576963873663300966969905449561113344", "334330305333797608329864193959475347539", "110570043621086428945814529144846361935", "321798546454385257581027784768169491613", "265643929493417852125845845388086789476", "137655301728279105138798586559354493568", "328567503349184670597287643979372207968" ] }, "id": "ASB-A-259385017-d5d6a6e1", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631" ], "spl": "2023-05-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "8287049963772050290548956172220293148", "272291396490126000080040708517988334098", "8509224761294982306728327176934189632", "249033722199238218807734653215153680693", "321416480491646694190929521416698814152", "107269414546797637812676072006239190099", "190837069176629548463978522804478144029", "275056010447832419544168982845009319374", "66639743089079996721577075337269212972", "260421902015728785462815924696288937725", "295225870636365965444688894582045108979", "303755354804138495481184701803787877320" ] }, "id": "ASB-A-259385017-c9e2456e", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5fb0705664449e2a62c6219a8a417749620bb937", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/5fb0705664449e2a62c6219a8a417749620bb937" ], "spl": "2023-05-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 896.0, "function_hash": "120450392376070500879756491848392551899" }, "id": "ASB-A-259385017-2ba28877", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java", "function": "retrieveAppEntry" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "122801481725524473723710929709275622710", "222390034388202181844242922618841512158", "196737136246763182714678355935877234911", "140877233746596711254219934434432080051", "27868741867664894162702260508424625566", "326692411290225447106468416311027466663", "70668152671260240201884439802941552087", "197591625939384808796586889176456419115", "4077395368880426913245385536055685588", "184383772242148734332557387196537530507", "148895478068658423118081653364542686348", "229576963873663300966969905449561113344", "334330305333797608329864193959475347539", "110570043621086428945814529144846361935", "321798546454385257581027784768169491613", "129981388302956578162621720284826158104", "137655301728279105138798586559354493568", "328567503349184670597287643979372207968" ] }, "id": "ASB-A-259385017-c1b4c5c8", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c" ], "spl": "2023-05-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "122801481725524473723710929709275622710", "222390034388202181844242922618841512158", "196737136246763182714678355935877234911", "140877233746596711254219934434432080051", "27868741867664894162702260508424625566", "326692411290225447106468416311027466663", "70668152671260240201884439802941552087", "197591625939384808796586889176456419115", "4077395368880426913245385536055685588", "184383772242148734332557387196537530507", "148895478068658423118081653364542686348", "229576963873663300966969905449561113344", "334330305333797608329864193959475347539", "110570043621086428945814529144846361935", "321798546454385257581027784768169491613", "265643929493417852125845845388086789476", "137655301728279105138798586559354493568", "328567503349184670597287643979372207968" ] }, "id": "ASB-A-259385017-50bf6293", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java" }, "signature_type": "Line" }, { "digest": { "length": 799.0, "function_hash": "126812758670877602072831679107254504906" }, "id": "ASB-A-259385017-5a35c1ba", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java", "function": "retrieveAppEntry" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208" ], "spl": "2023-05-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 799.0, "function_hash": "126812758670877602072831679107254504906" }, "id": "ASB-A-259385017-044646d5", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java", "function": "retrieveAppEntry" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "122801481725524473723710929709275622710", "222390034388202181844242922618841512158", "283965336966937628894612660817621901131", "272405940110754710207879884765393292318", "196727238334898885538839268810150074966", "315194688582831595259135626079335554853", "46706889825726414093546133437972081899", "38679744851214130239580683317555628502", "163323195360202353972971378277645397893", "196737136246763182714678355935877234911", "140877233746596711254219934434432080051", "27868741867664894162702260508424625566", "326692411290225447106468416311027466663", "271197561047071638675322122791349406644", "202102347137811234824721270542908316933", "240673301015471928763093234654380995634", "150985011417713154467310296905082941349", "148895478068658423118081653364542686348", "229576963873663300966969905449561113344", "334330305333797608329864193959475347539", "110570043621086428945814529144846361935", "321798546454385257581027784768169491613", "265643929493417852125845845388086789476", "137655301728279105138798586559354493568", "328567503349184670597287643979372207968" ] }, "id": "ASB-A-259385017-d5445c53", "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47", "deprecated": false, "signature_version": "v1", "target": { "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47" ], "spl": "2023-05-01", "severity": "High", "types": [ "EoP" ] }