3 matches found
Silent Consent, Persistent Risk: Android Permission Groups and Custom Permissions
Android's permission system is designed to balance usability with informed consent, yet two legacy mechanisms still undermine that balance in Android 16: i permission groups that silently auto-grant new permissions within a group after a user's initial approval, and ii normal-level custom...
CVE-2026-45254
CVE-2026-45254 concerns the cap_net service where omitting a key from a new limit causes the missing key to be treated as “allow any” rather than rejected. The available connected docs confirm this exact behavior and describe its impact: an application that previously restricted a subset of netwo...
FreeBSD -- Incorrect libcap_net limitation list manipulation
Problem Description: In the case of the capnet service, when a key present in the old limit was omitted from the new limit, the missing key was treated as "allow any" instead of being rejected. Impact: In certain scenarios, an application that had previously restricted a subset of network...