CVE-2026-0021

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android that stems from a logic error in the hasInteractAcrossUsersFullPermission function in AppInfoBase.java, which could lead to a local elevation of...

PT-2025-35629

Name of the Vulnerable Software and Affected Versions: AppInfoBase.java affected versions not specified Description: A logic error in the hasInteractAcrossUsersFullPermission function within the AppInfoBase.java file may allow granting permissions to an application on a secondary user from a...

CVE-2024-43088

In multiple functions in AppInfoBase.java, there is a possible way to manipulate app permission settings belonging to another user on the device due to a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges neede...