ASB-A-261723753

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-261723753.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-261723753
Aliases
  • A-261723753
  • CVE-2023-21087
Published
2023-07-01T00:00:00Z
Modified
2024-08-07T19:29:21.452464Z
Summary
PDoS using high notification channel group count limit
Details

In PreferencesHelper.java, an uncaught exception may cause the device to get stuck in a boot loop. This could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-07-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "17172546349687306146764177581615796632",
                    "144857827867469589767378994443022019159",
                    "314966775073537382353268459073950728497",
                    "40761297176760039341387070764727993301"
                ]
            },
            "id": "ASB-A-261723753-e8f9ebaf",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/86441bd5c07c65021728748472fa6a28eaf162d0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/86441bd5c07c65021728748472fa6a28eaf162d0"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-07-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "match_only_versions": [
                "11"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155348199709787115944160061244060492090",
                    "8557699418637963688535081754431662406",
                    "316388979166894522472593252118631351348",
                    "77370754088757487441147562591448147954"
                ]
            },
            "id": "ASB-A-261723753-290c76ae",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/5664378a7cac48184ec0702a41aaed0677d41136",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 4940.0,
                "function_hash": "25277519309193045343219980751733957753"
            },
            "id": "ASB-A-261723753-770365dd",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/0f29716ab6fbf236e5d8f688bcdfdadf32429545",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "readXml"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1179.0,
                "function_hash": "154389685060191707306043638155132659178"
            },
            "id": "ASB-A-261723753-9016dae8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/0f29716ab6fbf236e5d8f688bcdfdadf32429545",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "createNotificationChannelGroup"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "17449676190573542466631081769697285205",
                    "261420479924190779313311522506908789796",
                    "140625957613190109810105311449968894466",
                    "167031959439128374951237651286786797615",
                    "37643552596611138344663046302619437404",
                    "196743529192485195053277158544984301790",
                    "202242521017499234883027191576573446212",
                    "129796892121331845324278144194616721046",
                    "158900939070428617732404325899902702387",
                    "24493877307784879816107433076195222108",
                    "166182371834460908885308086775164381989",
                    "44527797862704030040149012167640289228",
                    "94642458531071946147625939981735366108",
                    "312484065945080682022410269406909688993",
                    "165594540568964192667031981327745068106",
                    "140767938060665798446646317601485252776"
                ]
            },
            "id": "ASB-A-261723753-a47e8a24",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/0f29716ab6fbf236e5d8f688bcdfdadf32429545",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/0f29716ab6fbf236e5d8f688bcdfdadf32429545",
        "https://android.googlesource.com/platform/frameworks/base/+/5664378a7cac48184ec0702a41aaed0677d41136"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-07-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155348199709787115944160061244060492090",
                    "290161198333100939996721323172810462679",
                    "228214646634578708237333731587034475086",
                    "263397724378918119525504693722684019394",
                    "37643552596611138344663046302619437404",
                    "196743529192485195053277158544984301790",
                    "202242521017499234883027191576573446212",
                    "129796892121331845324278144194616721046",
                    "158900939070428617732404325899902702387",
                    "24493877307784879816107433076195222108",
                    "166182371834460908885308086775164381989",
                    "44527797862704030040149012167640289228",
                    "94642458531071946147625939981735366108",
                    "312484065945080682022410269406909688993",
                    "165594540568964192667031981327745068106",
                    "140767938060665798446646317601485252776"
                ]
            },
            "id": "ASB-A-261723753-46127179",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/38257af19e18d19075483dfa351c7e5cbb9cbf75",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1155.0,
                "function_hash": "75401566855827241476091985175730625928"
            },
            "id": "ASB-A-261723753-5bef855f",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/38257af19e18d19075483dfa351c7e5cbb9cbf75",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "createNotificationChannelGroup"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 4870.0,
                "function_hash": "124705959248561110929115589367270293655"
            },
            "id": "ASB-A-261723753-92edf596",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/38257af19e18d19075483dfa351c7e5cbb9cbf75",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "readXml"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/38257af19e18d19075483dfa351c7e5cbb9cbf75"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-07-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "155348199709787115944160061244060492090",
                    "290161198333100939996721323172810462679",
                    "228214646634578708237333731587034475086",
                    "263397724378918119525504693722684019394",
                    "37643552596611138344663046302619437404",
                    "196743529192485195053277158544984301790",
                    "202242521017499234883027191576573446212",
                    "129796892121331845324278144194616721046",
                    "158900939070428617732404325899902702387",
                    "24493877307784879816107433076195222108",
                    "166182371834460908885308086775164381989",
                    "44527797862704030040149012167640289228",
                    "94642458531071946147625939981735366108",
                    "312484065945080682022410269406909688993",
                    "165594540568964192667031981327745068106",
                    "140767938060665798446646317601485252776"
                ]
            },
            "id": "ASB-A-261723753-3a927990",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/44440649c42cdbea351003dbc1fec98991e00a8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1155.0,
                "function_hash": "75401566855827241476091985175730625928"
            },
            "id": "ASB-A-261723753-5537eda8",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/44440649c42cdbea351003dbc1fec98991e00a8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "createNotificationChannelGroup"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 4846.0,
                "function_hash": "120668173329935026371620503463820441534"
            },
            "id": "ASB-A-261723753-de856a89",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/44440649c42cdbea351003dbc1fec98991e00a8b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java",
                "function": "readXml"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/44440649c42cdbea351003dbc1fec98991e00a8b"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-07-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "17172546349687306146764177581615796632",
                    "144857827867469589767378994443022019159",
                    "314966775073537382353268459073950728497",
                    "40761297176760039341387070764727993301"
                ]
            },
            "id": "ASB-A-261723753-2a344085",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/0c94ea393926869f8f620854b58548d7a139ac1f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/notification/PreferencesHelper.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/0c94ea393926869f8f620854b58548d7a139ac1f"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "DoS"
    ]
}