ASB-A-268193384

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-268193384.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-268193384
Aliases
  • A-268193384
  • CVE-2023-21256
Published
2023-07-01T00:00:00Z
Modified
2024-08-07T19:29:46.195286Z
Summary
ADP Grant - Starting arbitrary Activities via SettingsHomepageActivity on behalf of uid 1000
Details

In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-07-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 134.0,
                "function_hash": "185356596428023858437853145324850024203"
            },
            "id": "ASB-A-268193384-0e7a5ebd",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "isCallingAppPermitted"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 3157.0,
                "function_hash": "189423624913439060030129431963627975343"
            },
            "id": "ASB-A-268193384-690faabb",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "launchDeepLinkIntentToRight"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 590.0,
                "function_hash": "67926581386142622117586339217099678821"
            },
            "id": "ASB-A-268193384-714d18de",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "hasPrivilegedAccess"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 2050.0,
                "function_hash": "46093851110103747290941956612987539168"
            },
            "id": "ASB-A-268193384-748b0152",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "132571774483529516609662099898951184434",
                    "22041788483559470993617239323624207838",
                    "181715653843028515298128163874925865060",
                    "96853627072202321601979615406377984092",
                    "35707833216403351988236272620752795354",
                    "153103960569161125495775617616387482500",
                    "128112262627555017465909835982632558041",
                    "22423452510264765937188101476518394208",
                    "201297567626026053054381410250468052344",
                    "216828479439079589005912666973557691150",
                    "194963451676720486624403772064159543447",
                    "177033011641440959319418290636960314685",
                    "240472492848038308928595045781178556736",
                    "17874854355942956642492784558176459699",
                    "285528923098192370315874689093587187660",
                    "102835308541050052058603141002811192003",
                    "19518904023656751986520291534943964808",
                    "261965481524034096877717125562509900996",
                    "286549850467148299944658512757471371988",
                    "210616758342919391292852644640910818945",
                    "161313718679188801231329825053011233453",
                    "10949571485950084240958710614077174174",
                    "264756585375075799154155909639102410332",
                    "171102309486148321268116107523309079575",
                    "331359271788712889245061329575260280265",
                    "230596051586311103968818545896737972340",
                    "267851419220027037165903148821914121770",
                    "81495708825601022894960066669550446186",
                    "297935819184373740089850799222408589935",
                    "206113984682095361504639740730595505770",
                    "238261011871627776422000255855005089885",
                    "262646873950258666471571453293369551395",
                    "102600391902106702682419807621370759860",
                    "149149902581443407792017138648236229797",
                    "264504737646111351620858886196789293252",
                    "28618209267549212738061453449371712489",
                    "29292609383751632768932919098468725842",
                    "69622398026475285412081862090289296564",
                    "316358683519114412917156991234380283875",
                    "1342687973273497631998028962186828064",
                    "133766636878104501056106899777835466889",
                    "28930969451857573301108210190227089916",
                    "86897469178698484236564527640357834031",
                    "174276228665925202230280238338109409491",
                    "295479141426973499879685745116584997188",
                    "16098237895891796584290707411159125480",
                    "156490140419115255749861271637773236662",
                    "252771613810263997054874136950782560704",
                    "144455493909789576720390225522068412758",
                    "2211309132741963667446152772288893941",
                    "314499818934102249274366590317605633445",
                    "60127409765483707750429834818187857191",
                    "110368322462016207763720308856230096551",
                    "243085136989877707314293516460498842856",
                    "181365322987999571023930814792525569420",
                    "287963541367040651554239026872627822944",
                    "6505783995889100234817473492811845294",
                    "57400973875651212793008667707052487065",
                    "88092049941283478625452086767286432575",
                    "218175375021224294036182551920933626664",
                    "64142922673509667989197016159781850431",
                    "327898562147787758343382638938781560439",
                    "285080588398437311645964231559474726463",
                    "110147002580674932847094586965163761322",
                    "332309879023952032712620437244913442529",
                    "155946121083715331259485289821938407886",
                    "96904116332509127359643814884701377241",
                    "205872762650220297177931951087860379768",
                    "1111029685143574040244856939887598991",
                    "65312411719664685059535649062211493518",
                    "209734434698796692112594121059955644955",
                    "39408089645354374217261067310463496474",
                    "85218950246176746123588492263417506057",
                    "45736168974926315206028714276616155820",
                    "220204543802436265336368280612683167089",
                    "144328718532664173628615256486408231515",
                    "180718939313278496677208509002453749131",
                    "297249628106261305584859077725409549085",
                    "282955144541307006166479346492291846955",
                    "214965362890182111032528984216289857711",
                    "81740386452741016550921618961424037607"
                ]
            },
            "id": "ASB-A-268193384-82d11e40",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/5310c406400f71c2c540f23903a6766fbf58db1a"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-07-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "132571774483529516609662099898951184434",
                    "22041788483559470993617239323624207838",
                    "181715653843028515298128163874925865060",
                    "96853627072202321601979615406377984092",
                    "35707833216403351988236272620752795354",
                    "153103960569161125495775617616387482500",
                    "128112262627555017465909835982632558041",
                    "22423452510264765937188101476518394208",
                    "201297567626026053054381410250468052344",
                    "216828479439079589005912666973557691150",
                    "238201893559485299729845259349358622390",
                    "184937996436821298166663766140330792695",
                    "91438180961365072401019075459094006759",
                    "17874854355942956642492784558176459699",
                    "285528923098192370315874689093587187660",
                    "102835308541050052058603141002811192003",
                    "19518904023656751986520291534943964808",
                    "261965481524034096877717125562509900996",
                    "286549850467148299944658512757471371988",
                    "210616758342919391292852644640910818945",
                    "161313718679188801231329825053011233453",
                    "10949571485950084240958710614077174174",
                    "264756585375075799154155909639102410332",
                    "148923847263898729800592870768811317475",
                    "179806985211862734438686131839236963825",
                    "230596051586311103968818545896737972340",
                    "267851419220027037165903148821914121770",
                    "81495708825601022894960066669550446186",
                    "297935819184373740089850799222408589935",
                    "206113984682095361504639740730595505770",
                    "238261011871627776422000255855005089885",
                    "262646873950258666471571453293369551395",
                    "102600391902106702682419807621370759860",
                    "149149902581443407792017138648236229797",
                    "264504737646111351620858886196789293252",
                    "28618209267549212738061453449371712489",
                    "29292609383751632768932919098468725842",
                    "69622398026475285412081862090289296564",
                    "316358683519114412917156991234380283875",
                    "1342687973273497631998028962186828064",
                    "133766636878104501056106899777835466889",
                    "28930969451857573301108210190227089916",
                    "86897469178698484236564527640357834031",
                    "174276228665925202230280238338109409491",
                    "295479141426973499879685745116584997188",
                    "16098237895891796584290707411159125480",
                    "156490140419115255749861271637773236662",
                    "252771613810263997054874136950782560704",
                    "144455493909789576720390225522068412758",
                    "2211309132741963667446152772288893941",
                    "314499818934102249274366590317605633445",
                    "292474684822825910988116189062914156737",
                    "234946925786154710883389226056493191815",
                    "243085136989877707314293516460498842856",
                    "181365322987999571023930814792525569420",
                    "287963541367040651554239026872627822944",
                    "6505783995889100234817473492811845294",
                    "57400973875651212793008667707052487065",
                    "88092049941283478625452086767286432575",
                    "218175375021224294036182551920933626664",
                    "64142922673509667989197016159781850431",
                    "327898562147787758343382638938781560439",
                    "285080588398437311645964231559474726463",
                    "110147002580674932847094586965163761322",
                    "332309879023952032712620437244913442529",
                    "155946121083715331259485289821938407886",
                    "96904116332509127359643814884701377241",
                    "205872762650220297177931951087860379768",
                    "1111029685143574040244856939887598991",
                    "65312411719664685059535649062211493518",
                    "209734434698796692112594121059955644955",
                    "39408089645354374217261067310463496474",
                    "85218950246176746123588492263417506057",
                    "45736168974926315206028714276616155820",
                    "220204543802436265336368280612683167089",
                    "144328718532664173628615256486408231515",
                    "180718939313278496677208509002453749131",
                    "297249628106261305584859077725409549085",
                    "282955144541307006166479346492291846955",
                    "214965362890182111032528984216289857711",
                    "81740386452741016550921618961424037607"
                ]
            },
            "id": "ASB-A-268193384-2a885791",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 3147.0,
                "function_hash": "73505647024693645132513539336734096974"
            },
            "id": "ASB-A-268193384-8dcb998e",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "launchDeepLinkIntentToRight"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 590.0,
                "function_hash": "67926581386142622117586339217099678821"
            },
            "id": "ASB-A-268193384-952a8813",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "hasPrivilegedAccess"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 1818.0,
                "function_hash": "323717327403809139241625132155155745191"
            },
            "id": "ASB-A-268193384-bf6dc4b4",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 134.0,
                "function_hash": "185356596428023858437853145324850024203"
            },
            "id": "ASB-A-268193384-fedcba1a",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/homepage/SettingsHomepageActivity.java",
                "function": "isCallingAppPermitted"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/0f13f70655099543ba34eb8aeaa74b34a3993a3b"
    ],
    "spl": "2023-07-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}