Headline
CVE-2023-21279
In visitUris of RemoteViews.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
)]}’ { "commit": "155b14600fb13553a47b4e45fe0acd163da07453", "tree": "3cf9fcc3aa0cdf2ce9f32a1f32b537fd445acc9e", "parents": [ “70ec64dc5a2a816d6aa324190a726a85fd749b30” ], "author": { "name": "Ioana Alexandru", "email": "[email protected]", "time": “Tue May 23 16:26:41 2023 +0000” }, "committer": { "name": "Android Build Coastguard Worker", "email": "[email protected]", "time": “Thu Jun 08 20:34:18 2023 +0000” }, "message": "Check URIs in sized remote views.\n\nBug: 277741109\nTest: atest RemoteViewsTest\n(cherry picked from commit ae0d45137b0f8ea49a085bbce4d39f901685c4a5)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:902f020bc81e5b584d5cb0276568b888a728fc4a)\nMerged-In: Iceb33606da3a49b9638ab21aeae17a168c1b411a\nChange-Id: Iceb33606da3a49b9638ab21aeae17a168c1b411a\n", "tree_diff": [ { "type": "modify", "old_id": "25f97ab0994486e0671a4cc5f2b3d844db1a342e", "old_mode": 33188, "old_path": "core/java/android/widget/RemoteViews.java", "new_id": "406c7694e5033d2967e0f893224fb9f4218f3e61", "new_mode": 33188, "new_path": “core/java/android/widget/RemoteViews.java” }, { "type": "modify", "old_id": "350b7fc2926f728a097be4d0ffbd0a25db4f0e2f", "old_mode": 33188, "old_path": "core/tests/coretests/src/android/widget/RemoteViewsTest.java", "new_id": "e0cccf2f52008ebfb7a63b47baa2e5eb417e5fe9", "new_mode": 33188, "new_path": “core/tests/coretests/src/android/widget/RemoteViewsTest.java” } ] }
Related news
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.