Headline
CVE-2023-21238
In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
)]}'
{
  "commit": "91bfcbbd87886049778142618a655352b16cd911",
  "tree": "abbfffbd6ed474912186f60a8b965eb7344987d0",
  "parents": [
    "1aec7feaf07e6d4568ca75d18158445dbeac10f6"
  ],
  "author": {
    "name": "Ioana Alexandru",
    "email": "[email protected]",
    "time": "Thu Apr 27 12:36:05 2023 +0000"
  },
  "committer": {
    "name": "Android Build Coastguard Worker",
    "email": "[email protected]",
    "time": "Thu May 11 18:41:05 2023 +0000"
  },
  "message": "Visit URIs in landscape/portrait custom remote views.\n\nBug: 277740848\nTest: atest RemoteViewsTest NotificationManagerServiceTest \u0026 tested with POC from bug\n(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b4692946c10d11c1e935869e11dc709a9cdcba69)\nMerged-In: I7d3d35df0ec38945019f71755bed8797b7af4517\nChange-Id: I7d3d35df0ec38945019f71755bed8797b7af4517\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "2879cd888d2d85c957c9372eefdbfc1a1cd2f017",
      "old_mode": 33188,
      "old_path": "core/java/android/widget/RemoteViews.java",
      "new_id": "4a920e3b71dbfadd3838ed305c470ee87647f0da",
      "new_mode": 33188,
      "new_path": "core/java/android/widget/RemoteViews.java"
    },
    {
      "type": "modify",
      "old_id": "00b3693c902bb579c2d440e7776813224eb42929",
      "old_mode": 33188,
      "old_path": "core/tests/coretests/src/android/widget/RemoteViewsTest.java",
      "new_id": "a9d3ce51b2c3d5420cff05ca6748cd251ae1cad6",
      "new_mode": 33188,
      "new_path": "core/tests/coretests/src/android/widget/RemoteViewsTest.java"
    }
  ]
}
Related news
In SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities via Settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.