5 matches found
EUVD-2025-201750
In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48615
In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40111
In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of systemserver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-40111
In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of systemserver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
PT-2023-18059 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to the fixed version Description: The issue is related to a possible permanent denial of service DoS due to resource exhaustion in the setMediaButtonBroadcastReceiver function of MediaSessionRecord.java. This could lead...