2 matches found
CVE-2021-39704
In deleteNotificationChannelGroup of NotificationManagerService.java, there is a possible way to run foreground service without user notification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2021-39704
CVE-2021-39704 affects Android platforms (Android 10, 11, 12) and is tied to the NotificationManagerService.deleteNotificationChannelGroup. The issue enables a local elevation of privilege by bypassing a permission, allowing a foreground service to run without a user notification and without user...