ASB-A-281044385
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-281044385.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-281044385
- Aliases
-
- A-281044385
- CVE-2024-43084
- Published
- 2024-11-01T00:00:00Z
- Modified
- 2024-11-06T16:12:12.008079Z
- Summary
- [none]
- Details
-
In visitUris of multiple files, there is a possible information disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"10510999966334574279305722242451318199",
"45624935327614318953256630095580261923",
"88862101754165718251039929288440973010",
"123442478213385419831478048965200226762",
"261571390405565706709003200902133125804",
"45883897862656844072827701537777195070",
"142764219807960318275023873616153889276",
"155373235451303780094325786996518966673",
"49981588967733474517399634290453951563",
"83286379831050784995635899275405895041",
"243555200852200659624259429292278405497",
"155373235451303780094325786996518966673",
"49981588967733474517399634290453951563",
"184378576880802386689416999093283739996",
"191806936659674396850792655262886060745",
"21235937052953042572597888800073948978",
"200180594152380276820622654550619540821",
"29079217341050940120791020350458989067",
"81595622362258368310746865327607710615",
"302086928097423432627172955140172345953",
"173993705994644571187001930534900680128",
"81713959684661101519637763887157616690",
"219374834455587785019446754860677867943",
"124672837057353313624121635866941804072",
"54451855161250744561465910213750156585",
"93626569860004836606333716824471718244",
"149247579473422910260981314518031220889",
"27219370413290196648737613963397520106",
"233859046065629953084836555122924572024",
"319564703865883751452108161908231449715",
"75407180318704451699303769443305508093",
"161647537139600399971971420418828399569",
"42215653947126611667948844128824813674",
"162365430782717823755100250245402003271",
"225668494625327505211209031266487151798",
"160613521035711799537827983944293222081",
"200322272169322909612143317388256242218",
"222512300424861850237015065106727888205",
"52959140454601314760806148885371656096"
]
},
"id": "ASB-A-281044385-832e8fce",
"source": "https://android.googlesource.com/platform/frameworks/base/+/57bf60dd7b6a0a0e9785231f8ec25a458fedde64",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/widget/RemoteViews.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"15-next"
],
"digest": {
"length": 80.0,
"function_hash": "288860386835197189624262581952663062056"
},
"id": "ASB-A-281044385-943db91a",
"source": "https://android.googlesource.com/platform/frameworks/base/+/47fa2f79584b0a4e9ca7e9c6b237c4e5cf699032",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/app/Person.java",
"function": "visitUris"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"15-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"81780510925217913499770296184564214094",
"139543985378760233612091164945055767821",
"116210352605243371856843879751749052626",
"214019929480860862798213677602168558104"
]
},
"id": "ASB-A-281044385-e62b1f70",
"source": "https://android.googlesource.com/platform/frameworks/base/+/47fa2f79584b0a4e9ca7e9c6b237c4e5cf699032",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/app/Person.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/57bf60dd7b6a0a0e9785231f8ec25a458fedde64",
"https://android.googlesource.com/platform/frameworks/base/+/47fa2f79584b0a4e9ca7e9c6b237c4e5cf699032"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"ID"
]
}
Android / platform/frameworks/base
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"324233427981781607540306433621735949661",
"100443303332856064647616907382766947770",
"116901932119578119237439007551822577935",
"249512720415688618493908272044403684542",
"781225146328105575814677055182072393",
"201520778652802430645411465180549161940",
"275031627355662767670014368247287897901",
"281732678064438727946495070623556209283",
"119091735977763546063692168043607642164",
"250638055627944970047384174701610575040",
"88299794168774314635044546257261857265",
"180262050703456585785769205171919383845",
"111010618835311138444835914450006549286",
"69786244909812671898944025900688175323",
"216588021725256539435549669659028307145",
"251798009144440653857833564898080930463",
"204285425078065425977243654658516906718",
"48970497240407572097776512813103235977",
"94526450022358076459367478520942778064",
"297063688750133243909181906014086899189",
"150974507026362302543711859426234228469",
"337979760446688541559158736326994342903",
"19432528061896917112512453997124569067",
"251798009144440653857833564898080930463",
"204285425078065425977243654658516906718",
"48970497240407572097776512813103235977",
"94526450022358076459367478520942778064",
"119821710043475485789480489848169728250",
"46092162532536089214777198820882741896",
"107580237107027849264680602071594189886",
"54740049773401477292474369128753111796",
"4292976705506092068557017503360379564",
"301143970752192652531151239206505908981",
"224427651954754293187423663481894239758",
"29984996119810792357635301028200065016"
]
},
"id": "ASB-A-281044385-31a1f2b6",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f47b41a138ebd60f7b518fb6a9d8aa8230488422",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/app/Notification.java"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"14"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"263836019758200982776463401040620721465",
"247546774655072607342278836609046467938",
"60521504124628552930342395875500525768",
"282050567308648304240900420240262779473",
"2718882073265626309970603630629726759",
"158170123605905798769055961164006144147",
"155955290926441644593181321547220907309"
]
},
"id": "ASB-A-281044385-5fb76aa0",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f47b41a138ebd60f7b518fb6a9d8aa8230488422",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/app/Person.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2918.0,
"function_hash": "235136704030483129950801109094316813419"
},
"id": "ASB-A-281044385-d63b724e",
"source": "https://android.googlesource.com/platform/frameworks/base/+/f47b41a138ebd60f7b518fb6a9d8aa8230488422",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "core/java/android/app/Notification.java",
"function": "visitUris"
},
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/f47b41a138ebd60f7b518fb6a9d8aa8230488422"
],
"spl": "2024-11-01",
"severity": "High",
"types": [
"ID"
]
}