ASB-A-273260090 — Vulnetix

ASB-A-273260090 PUBLISHED

In onNullBinding of CallRedirectionProcessor.java, there is a possible long lived connection due to improper input validation. This could lead to local escalation of privilege and background activity launches with User execution privileges needed. User interaction is not needed for exploitation.

Affected Products

Vendor	Product	Versions
platform	packages/services/Telecomm	13-next:0, 13-next, 11:0

Timeline

Jun 1, 2023 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2023-06-01 advisory
https://android.googlesource.com/platform/packages/services/Telecomm/+/33368bad6f837f1084da8e71917653817e714b1d patch

Open in Interactive Console →