Exploit for Special Element Injection in Google Android

CVE 2024 0044 CVE-2024-0044, identified in the createSessionI...

Google Android elevation of privilege vulnerability (CNVD-2023-55374)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in the multiple functions code of the PackageInstallerService.java and related files component, which can be exploited b...

Xxe

In createSessionInternal of PackageInstallerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-138650665...

CVE-2019-2199

CVE-2019-2199 affects Android 10, where in PackageInstallerService.java’s createSessionInternal a permissions bypass could enable local elevation of privilege to System level. No exploitation details are provided beyond that; impact is local and requires no user interaction. The Android Security ...