3 matches found
CVE-2024-34723
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-34723
Summary: CVE-2024-34723 describes a logic error in Android’s ParcelableListBinder.java (onTransact) that could enable local elevation of privilege by stealing the mAllowlistToken to launch an app from the background, without extra privileges or user interaction. The vulnerability is tied to how P...
CVE-2024-34723
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...