3 matches found
CVE-2022-20356
In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
CVE-2022-20356
In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to start foreground service from background due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...
CVE-2022-20356
CVE-2022-20356 affects Android 11/12/12L via the shouldAllowFgsWhileInUsePermissionLocked path in ActiveServices.java. The root cause is improper input validation, allowing a foreground service to be started from the background, causing local elevation of privilege with no additional execution pr...