ASB-A-277741109

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-277741109.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-277741109
Aliases
  • A-277741109
  • CVE-2023-21279
Published
2023-08-01T00:00:00Z
Modified
2024-08-07T19:29:49.726452Z
Summary
ADP Grant - Enumerating other users' photos by posting a notification with mSizedRemoteViews
Details

In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-08-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 316.0,
                "function_hash": "332780869755485867808535814879376698615"
            },
            "id": "ASB-A-277741109-445cf1e3",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/1327550f2e6a36b33473ad82ae52377de644833b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java",
                "function": "visitUris"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "18893358093154404341348852068354358806",
                    "275218925872896456245916266479716530481",
                    "10039153857474388100689592245698426073",
                    "248275908032692090292148866998833167361"
                ]
            },
            "id": "ASB-A-277741109-c9fed530",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/1327550f2e6a36b33473ad82ae52377de644833b",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/1327550f2e6a36b33473ad82ae52377de644833b"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-08-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "18893358093154404341348852068354358806",
                    "275218925872896456245916266479716530481",
                    "10039153857474388100689592245698426073",
                    "248275908032692090292148866998833167361"
                ]
            },
            "id": "ASB-A-277741109-14ac3a57",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 316.0,
                "function_hash": "332780869755485867808535814879376698615"
            },
            "id": "ASB-A-277741109-a73d40cd",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java",
                "function": "visitUris"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-08-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 316.0,
                "function_hash": "332780869755485867808535814879376698615"
            },
            "id": "ASB-A-277741109-143df73a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java",
                "function": "visitUris"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "18893358093154404341348852068354358806",
                    "275218925872896456245916266479716530481",
                    "10039153857474388100689592245698426073",
                    "248275908032692090292148866998833167361"
                ]
            },
            "id": "ASB-A-277741109-17521968",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/ae0d45137b0f8ea49a085bbce4d39f901685c4a5"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-08-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 316.0,
                "function_hash": "332780869755485867808535814879376698615"
            },
            "id": "ASB-A-277741109-bf2806a7",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/902f020bc81e5b584d5cb0276568b888a728fc4a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java",
                "function": "visitUris"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "18893358093154404341348852068354358806",
                    "275218925872896456245916266479716530481",
                    "10039153857474388100689592245698426073",
                    "248275908032692090292148866998833167361"
                ]
            },
            "id": "ASB-A-277741109-bf4ebeeb",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/902f020bc81e5b584d5cb0276568b888a728fc4a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "core/java/android/widget/RemoteViews.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/902f020bc81e5b584d5cb0276568b888a728fc4a"
    ],
    "spl": "2023-08-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}