VDB
ASB-A-265798353
ASB-A-265798353
PUBLISHED
In run of multiple files, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | packages/apps/Settings | 13-next:0, 13, * |
| platform | packages/apps/TvSettings | 13, 13-next:0, 13-next |
| platform | packages/apps/Car/Settings | 13-next:0, 13, * |
Timeline
- Jun 1, 2023 CVE Published
- May 15, 2026 CVE Updated
References
- https://source.android.com/security/bulletin/2023-06-01 advisory
- https://android.googlesource.com/platform/packages/apps/Car/Settings/+/b38de797e506d274f80475c41844e568f171e985 patch
- https://android.googlesource.com/platform/packages/apps/Car/Settings/+/f88226abae41f35c8b7cb9daa84675573882f7b3 patch
- https://android.googlesource.com/platform/packages/apps/Settings/+/a1b811b82e2a876d65c70a23c9bcbf39060d898a patch
- https://android.googlesource.com/platform/packages/apps/TvSettings/+/f790bbbc373fcb9d50ee9a1a5e934d044c81624b patch