ASB-A-330722900 — Vulnetix

ASB-A-330722900 PUBLISHED

In onReceive of AppRestrictionsFragment.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Products

Vendor	Product	Versions
platform	packages/apps/Settings	15-next:0, 15-next, 12:0

Timeline

Nov 1, 2024 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2024-11-01 advisory
https://android.googlesource.com/platform/packages/apps/Settings/+/26ce013dfd7e59a451acc66e7f05564e0884d46b patch

Open in Interactive Console →