ASB-A-259385017

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-259385017.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-259385017
Aliases
  • A-259385017
  • CVE-2023-21107
Published
2023-05-01T00:00:00Z
Modified
2024-08-07T19:30:05.250884Z
Summary
Cross-user notification access type control using undocumented intent extras
Details

In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-05-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 799.0,
                "function_hash": "126812758670877602072831679107254504906"
            },
            "id": "ASB-A-259385017-b79a05af",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java",
                "function": "retrieveAppEntry"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122801481725524473723710929709275622710",
                    "222390034388202181844242922618841512158",
                    "283965336966937628894612660817621901131",
                    "272405940110754710207879884765393292318",
                    "196727238334898885538839268810150074966",
                    "315194688582831595259135626079335554853",
                    "46706889825726414093546133437972081899",
                    "38679744851214130239580683317555628502",
                    "163323195360202353972971378277645397893",
                    "196737136246763182714678355935877234911",
                    "140877233746596711254219934434432080051",
                    "27868741867664894162702260508424625566",
                    "326692411290225447106468416311027466663",
                    "271197561047071638675322122791349406644",
                    "202102347137811234824721270542908316933",
                    "240673301015471928763093234654380995634",
                    "150985011417713154467310296905082941349",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "265643929493417852125845845388086789476",
                    "137655301728279105138798586559354493568",
                    "328567503349184670597287643979372207968"
                ]
            },
            "id": "ASB-A-259385017-d5d6a6e1",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/99b8b4cd602affa6a8151c37f6a666ea0b7e0631"
    ],
    "spl": "2023-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-05-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "8287049963772050290548956172220293148",
                    "272291396490126000080040708517988334098",
                    "8509224761294982306728327176934189632",
                    "249033722199238218807734653215153680693",
                    "321416480491646694190929521416698814152",
                    "107269414546797637812676072006239190099",
                    "190837069176629548463978522804478144029",
                    "275056010447832419544168982845009319374",
                    "66639743089079996721577075337269212972",
                    "260421902015728785462815924696288937725",
                    "295225870636365965444688894582045108979",
                    "303755354804138495481184701803787877320"
                ]
            },
            "id": "ASB-A-259385017-c9e2456e",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5fb0705664449e2a62c6219a8a417749620bb937",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/5fb0705664449e2a62c6219a8a417749620bb937"
    ],
    "spl": "2023-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-05-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 896.0,
                "function_hash": "120450392376070500879756491848392551899"
            },
            "id": "ASB-A-259385017-2ba28877",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java",
                "function": "retrieveAppEntry"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122801481725524473723710929709275622710",
                    "222390034388202181844242922618841512158",
                    "196737136246763182714678355935877234911",
                    "140877233746596711254219934434432080051",
                    "27868741867664894162702260508424625566",
                    "326692411290225447106468416311027466663",
                    "70668152671260240201884439802941552087",
                    "197591625939384808796586889176456419115",
                    "4077395368880426913245385536055685588",
                    "184383772242148734332557387196537530507",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "129981388302956578162621720284826158104",
                    "137655301728279105138798586559354493568",
                    "328567503349184670597287643979372207968"
                ]
            },
            "id": "ASB-A-259385017-c1b4c5c8",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/9a7bd79ca3ba7918e78e88b9638524887473d16c"
    ],
    "spl": "2023-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-05-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122801481725524473723710929709275622710",
                    "222390034388202181844242922618841512158",
                    "196737136246763182714678355935877234911",
                    "140877233746596711254219934434432080051",
                    "27868741867664894162702260508424625566",
                    "326692411290225447106468416311027466663",
                    "70668152671260240201884439802941552087",
                    "197591625939384808796586889176456419115",
                    "4077395368880426913245385536055685588",
                    "184383772242148734332557387196537530507",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "265643929493417852125845845388086789476",
                    "137655301728279105138798586559354493568",
                    "328567503349184670597287643979372207968"
                ]
            },
            "id": "ASB-A-259385017-50bf6293",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 799.0,
                "function_hash": "126812758670877602072831679107254504906"
            },
            "id": "ASB-A-259385017-5a35c1ba",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java",
                "function": "retrieveAppEntry"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/d374ca1324396068477b682c6a5a3eaf6d6da208"
    ],
    "spl": "2023-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-05-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 799.0,
                "function_hash": "126812758670877602072831679107254504906"
            },
            "id": "ASB-A-259385017-044646d5",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java",
                "function": "retrieveAppEntry"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122801481725524473723710929709275622710",
                    "222390034388202181844242922618841512158",
                    "283965336966937628894612660817621901131",
                    "272405940110754710207879884765393292318",
                    "196727238334898885538839268810150074966",
                    "315194688582831595259135626079335554853",
                    "46706889825726414093546133437972081899",
                    "38679744851214130239580683317555628502",
                    "163323195360202353972971378277645397893",
                    "196737136246763182714678355935877234911",
                    "140877233746596711254219934434432080051",
                    "27868741867664894162702260508424625566",
                    "326692411290225447106468416311027466663",
                    "271197561047071638675322122791349406644",
                    "202102347137811234824721270542908316933",
                    "240673301015471928763093234654380995634",
                    "150985011417713154467310296905082941349",
                    "148895478068658423118081653364542686348",
                    "229576963873663300966969905449561113344",
                    "334330305333797608329864193959475347539",
                    "110570043621086428945814529144846361935",
                    "321798546454385257581027784768169491613",
                    "265643929493417852125845845388086789476",
                    "137655301728279105138798586559354493568",
                    "328567503349184670597287643979372207968"
                ]
            },
            "id": "ASB-A-259385017-d5445c53",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/applications/specialaccess/notificationaccess/NotificationAccessDetails.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/250edeead7625827110b6b944934fa470f7c0b47"
    ],
    "spl": "2023-05-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}