Lucene search
GoogleOSV:ASB-A-140108616HistoryAug 01, 2020 - 12:00 a.m.
Bypassing background execution restrictions
2020-08-0100:00:00
Google
osv.dev
12
EPSS
0
Percentile
5.1%
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
android.googlesource.com/platform/frameworks/base/+/0a163302b0288cdc4d9ca5e04398386ef8e1ec6b
android.googlesource.com/platform/frameworks/base/+/45a53e6cb8d3276126cfe0e717ad7ed486d39b24
android.googlesource.com/platform/packages/apps/Settings/+/36f182159ffae1f14a1733a3bb1334cdd9d44742
android.googlesource.com/platform/packages/services/Car/+/d2d8933e006efc251fda52e6807807d107f2ca12
source.android.com/security/bulletin/2020-08-01
Related
cve
cve
CVE-2020-0108
2020-08-11 20:15:11
prion
prion
Design/Logic Flaw
2020-08-11 20:15:00
cvelist
cvelist
CVE-2020-0108
2020-08-11 19:25:49
nvd
nvd
CVE-2020-0108
2020-08-11 20:15:11
githubexploit
githubexploit
Exploit for Improper Handling of Exceptional Conditions in Google Android
2020-08-05 04:50:42
Exploit for Improper Handling of Exceptional Conditions in Google Android
2020-12-06 13:27:33
threatpost
threatpost
High-Severity Android RCE Flaw Fixed in August Security Update
2020-08-05 16:14:26