ASB-A-289549315

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-289549315.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-289549315
Aliases
  • A-289549315
  • CVE-2023-40105
Published
2023-11-01T00:00:00Z
Modified
2024-08-07T19:29:11.729584Z
Summary
Package name ownership not checked in ActivityManagerService#backupAgentCreated
Details

In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14-next:0
Fixed
14-next:2023-11-01

Affected versions

Other

14-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "295747577431459138783214723720080232905",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-0e2eedb5",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/183d815b456a3dfa8146a90e81a060a57a6b56e0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1160.0,
                "function_hash": "288738322659701627884182541415328348424"
            },
            "id": "ASB-A-289549315-44d6db3c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/183d815b456a3dfa8146a90e81a060a57a6b56e0",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/183d815b456a3dfa8146a90e81a060a57a6b56e0"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2023-11-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "12259460893973178711972545920123660292",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-4bee8e2e",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/52b91363583c4e2b68f1a818b067cefe04809285",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1154.0,
                "function_hash": "250283915054302396442595387451130498803"
            },
            "id": "ASB-A-289549315-c8b48ff3",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/52b91363583c4e2b68f1a818b067cefe04809285",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/52b91363583c4e2b68f1a818b067cefe04809285"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12:0
Fixed
12:2023-11-01

Affected versions

Other

12

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "12259460893973178711972545920123660292",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-4ce1b6e7",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ebdcc72a235d6b2a65e1d1c99d7a9eb89f309357",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1160.0,
                "function_hash": "288738322659701627884182541415328348424"
            },
            "id": "ASB-A-289549315-e72cdff0",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/ebdcc72a235d6b2a65e1d1c99d7a9eb89f309357",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/ebdcc72a235d6b2a65e1d1c99d7a9eb89f309357"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12L:0
Fixed
12L:2023-11-01

Affected versions

Other

12L

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 1160.0,
                "function_hash": "288738322659701627884182541415328348424"
            },
            "id": "ASB-A-289549315-0f9c47fe",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4a82aa857eb738d3334a896dac525abf3b32c5bf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "12259460893973178711972545920123660292",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-7b2c915c",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/4a82aa857eb738d3334a896dac525abf3b32c5bf",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/4a82aa857eb738d3334a896dac525abf3b32c5bf"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-11-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "295747577431459138783214723720080232905",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-06f46722",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c31434d6a097f815e8daec899ba92348487cbfac",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1160.0,
                "function_hash": "288738322659701627884182541415328348424"
            },
            "id": "ASB-A-289549315-72dff895",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/c31434d6a097f815e8daec899ba92348487cbfac",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/c31434d6a097f815e8daec899ba92348487cbfac"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/frameworks/base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2023-11-01

Affected versions

Other

14

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "295747577431459138783214723720080232905",
                    "104986103895883280973484033654450783550",
                    "200932986351792462262403114396539000858",
                    "13293847349918228768530318403612346856",
                    "119089759048065327889787429548575806089",
                    "103222781888017295237712909037069379684",
                    "305953945846036139880356385746645401116",
                    "170762878817648619129649734788323132715",
                    "73295037082427983513118367576593935300",
                    "31364012517850101724274379464464592783",
                    "110469676561001990110449437251258005111",
                    "44785600318475085707930050683937806470",
                    "213847325994902213538424559586698988120"
                ]
            },
            "id": "ASB-A-289549315-093c9362",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/859abb58cdc7d66dbd22e7d02994509c4bba0416",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 1160.0,
                "function_hash": "288738322659701627884182541415328348424"
            },
            "id": "ASB-A-289549315-8266a20a",
            "source": "https://android.googlesource.com/platform/frameworks/base/+/859abb58cdc7d66dbd22e7d02994509c4bba0416",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "services/core/java/com/android/server/am/ActivityManagerService.java",
                "function": "backupAgentCreated"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/frameworks/base/+/859abb58cdc7d66dbd22e7d02994509c4bba0416"
    ],
    "spl": "2023-11-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}