Headline
CVE-2023-21280
In setMediaButtonBroadcastReceiver of MediaSessionRecord.java, there is a possible permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
)]}’ { "commit": "06e772e05514af4aa427641784c5eec39a892ed3", "tree": "0a82d1a5e5179db0b679917ee76e2e43ca63110f", "parents": [ “a65429742caf05205ea7f1c2fdd1119ca652b810” ], "author": { "name": "Iván Budnik", "email": "[email protected]", "time": “Tue Apr 04 17:58:26 2023 +0000” }, "committer": { "name": "Android Build Coastguard Worker", "email": "[email protected]", "time": “Thu Jun 08 20:34:05 2023 +0000” }, "message": "Validate ComponentName for MediaButtonBroadcastReceiver\n\nThis is a security fix for b/270049379.\n\nBug: 270049379\nTest: atest CtsMediaMiscTestCases\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c573c83a2aa36ca022302f675d705518dd723a3c)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ba546a306217389a8ff9e5e948612651fd496081)\nMerged-In: I05626f7abf1efef86c9e01ee3f077d7177d7f662\nChange-Id: I05626f7abf1efef86c9e01ee3f077d7177d7f662\n", "tree_diff": [ { "type": "modify", "old_id": "84ecc06d172f9922beef8a77949df5eac5e14938", "old_mode": 33188, "old_path": "media/java/android/media/session/MediaSession.java", "new_id": "09eff9e4e13aa7be73869dd7f92050300a0a13d5", "new_mode": 33188, "new_path": “media/java/android/media/session/MediaSession.java” }, { "type": "modify", "old_id": "1bd50632ccbf7258d2addfb5667d791f877fcbe3", "old_mode": 33188, "old_path": "services/core/java/com/android/server/media/MediaSessionRecord.java", "new_id": "cc4895ffaf24a7a3e0bab6d4c364801ea7b72d14", "new_mode": 33188, "new_path": “services/core/java/com/android/server/media/MediaSessionRecord.java” } ] }
Related news
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.