CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

In multiple locations, there is a possible way to bypass user notification of foreground services due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Product Status

Learn more

Versions 4 Total

Default Status: unaffected

affected

References 2 Total

https://android.googlesource.com/platform/frameworks/base/+/d26544e5a4fd554b790b4d0c5964d9e95d9e626b
external site
https://source.android.com/security/bulletin/2023-10-01
external site

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 2 Total

https://android.googlesource.com/platform/frameworks/base/+/d26544e5a4fd554b790b4d0c5964d9e95d9e626b
external site
x_transferred
https://source.android.com/security/bulletin/2023-10-01
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: Android (associated with Google Inc. or Open Handset Alliance)

Description

Product Status

References 2 Total

CVE Program

References 2 Total