11 matches found
CVE-2024-0046
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-43081
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android elevation of privilege vulnerability (CNVD-2024-41861)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a logic error in assertPackageWithSharedUserIdIsPrivileged in InstallPackageHelper.java, which can be exploited by an attacker to escalate privilege...
CVE-2024-23710
In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
ASB-A-311374917
In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
CVE-2024-0046
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0046
CVE-2024-0046 involves a logic error in InstallPackageHelper.java (installExistingPackageAsUser) that can bypass carrier restrictions, enabling local privilege escalation without additional execution privileges or user interaction. The vulnerability affects Android framework code and is rated hig...
CVE-2023-21257
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21257
CVE-2023-21257 is an Android Framework elevation-of-privilege issue. In the function updateSettingsInternalLI of InstallPackageHelper.java , a missing permission check could allow sideloading an app into the work profile, enabling local privilege escalation with no extra execution privileges requ...
CVE-2023-21116
In verifyReplacingVersionCode of InstallPackageHelper.java, there is a possible way to downgrade system apps below system image version due to a logic error in the code. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...