CVE-2023-21268

In update of MmsProvider.java, there is a possible way to change directory permissions due to a path traversal error. This could lead to local denial of service of SIM recognition with no additional execution privileges needed. User interaction is not needed for exploitation.


)]}'
{
  "commit": "ca4c9a19635119d95900793e7a41b820cd1d94d9",
  "tree": "10a217874e356ddf10d92a0fc0d72f66fd807e62",
  "parents": [
    "64d5bddce84ecae1648949ba2faed1950919db4d"
  ],
  "author": {
    "name": "Aishwarya Mallampati",
    "email": "[email protected]",
    "time": "Wed May 10 21:54:43 2023 +0000"
  },
  "committer": {
    "name": "Android Build Coastguard Worker",
    "email": "[email protected]",
    "time": "Thu Jun 08 20:34:50 2023 +0000"
  },
  "message": "Update file permissions using canonical path\n\nBug: 264880895\nBug: 264880689\nTest: atest android.telephonyprovider.cts.MmsPartTest\n atest CtsTelephonyTestCases\n Sanity check - sending and receiving sms and mms manually\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:6743638a096c32627f398efd2ea78f08b8a2db8c)\nMerged-In: I8dd888ea31ec07c9f0de38eb8e8170d3ed255686\nChange-Id: I8dd888ea31ec07c9f0de38eb8e8170d3ed255686\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "5ddd6ac80f2c1d4e328d04b88413de4a9c8bcf19",
      "old_mode": 33188,
      "old_path": "src/com/android/providers/telephony/MmsProvider.java",
      "new_id": "18f170a3e8920b0196a09468b07986e733dda1b9",
      "new_mode": 33188,
      "new_path": "src/com/android/providers/telephony/MmsProvider.java"
    }
  ]
}

Related news

CVE-2023-39408: September

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

CVE-2023-21267: Android Security Bulletin—August 2023

In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
