Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-21285

In setMetadata of MediaSessionRecord.java, there is a possible way to view another user’s images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE
#android#google#java#auth

)]}’ { "commit": "0c3b7ec3377e7fb645ec366be3be96bb1a252ca1", "tree": "222d88340ccc012d992e39a87f195bf64b661b69", "parents": [ “9b58aee2a4528c60b0aa2540bd0f48d2871d2dc7” ], "author": { "name": "Michael Mikhail", "email": "[email protected]", "time": “Fri May 26 19:41:21 2023 +0000” }, "committer": { "name": "Android Build Coastguard Worker", "email": "[email protected]", "time": “Thu Jun 08 20:34:25 2023 +0000” }, "message": "DO NOT MERGE\nVerify URI permissions in MediaMetadata\n\nAdd a check for URI permission to make sure that user can access the URI\nset in MediaMetadata. If permission is denied, clear the URI string set\nin metadata.\n\nBug: 271851153\nTest: atest MediaSessionTest\nTest: Verified by POC app attached in bug, image of second user is not\nthe UMO background of the first user.\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:277e7e05866a3da3c5871c071231b2b7c911d81e)\nMerged-In: I932d5d5143998db89d7132ced84faffa4a0bd5aa\nChange-Id: I932d5d5143998db89d7132ced84faffa4a0bd5aa\n", "tree_diff": [ { "type": "modify", "old_id": "cc4895ffaf24a7a3e0bab6d4c364801ea7b72d14", "old_mode": 33188, "old_path": "services/core/java/com/android/server/media/MediaSessionRecord.java", "new_id": "b459cfe6b44eb8575123a1efdfb58acac91ca2b0", "new_mode": 33188, "new_path": “services/core/java/com/android/server/media/MediaSessionRecord.java” } ] }

Related news

CVE-2023-39408: September

DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.

CVE-2023-21267: Android Security Bulletin—August 2023

In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907