Headline
CVE-2023-21281
In multiple functions of KeyguardViewMediator.java, there is a possible failure to lock after screen timeout due to a logic error in the code. This could lead to local escalation of privilege across users with no additional execution privileges needed. User interaction is not needed for exploitation.
{
  "commit": "badb243574d7fca9aa89152d9d25eeb4f8615385",
  "tree": "9326e3afec08486cb46575bbbde3fc6a1d92d5c6",
  "parents": [
    "0c3b7ec3377e7fb645ec366be3be96bb1a252ca1"
  ],
  "author": {
    "name": "Chandru S",
    "email": "[email protected]",
    "time": "Tue May 16 10:41:07 2023 -0700"
  },
  "committer": {
    "name": "Android Build Coastguard Worker",
    "email": "[email protected]",
    "time": "Thu Jun 08 20:34:29 2023 +0000"
  },
  "message": "Use Settings.System.getIntForUser instead of getInt to make sure user specific settings are used\n\nBug: 265431505\nTest: atest KeyguardViewMediatorTest\n(cherry picked from commit 625e009fc195ba5d658ca2d78ebb23d2770cc6c4)\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:dbdfadc24c81453c9c51e0d549b0ace924f4341e)\nMerged-In: I66a660c091c90a957a0fd1e144c013840db3f47e\nChange-Id: I66a660c091c90a957a0fd1e144c013840db3f47e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "89994b0c228d5c7ff47d233f719f81723bbe3709",
      "old_mode": 33188,
      "old_path": "packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java",
      "new_id": "5d086e833e14a5f3909946425b4fb80baf24efa8",
      "new_mode": 33188,
      "new_path": "packages/SystemUI/src/com/android/systemui/keyguard/KeyguardViewMediator.java"
    }
  ]
}
Related news
Vulnerability of identity verification being bypassed in the face unlock module. Successful exploitation of this vulnerability will affect integrity and confidentiality.
DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart.
In doKeyguardLocked of KeyguardViewMediator.java, there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.