CVE-2023-21145

In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2023-18050 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: In the startActivityInner function of ActivityStarter.java, there is a possible way to launch an activity into Picture-in-Picture PiP mode from the background due to a bypass of the...

CVE-2023-21145

In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. in the United States. A security vulnerability exists in Google Android 13, which stems from a logic error in the code in Connectivity that could bypass the restriction of launching activities from the background, whic...