{"id":"ASB-A-253043490", "published":"2023-08-01T00:00:00Z", "modified":"2026-04-08T15:00:25.631816748Z", "aliases":["CVE-2023-21140", "A-253043490"], "details":"In onCreate of ManagePermissionsActivity.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with physical access to a device that's been factory reset with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/modules/Permission", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-08-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Permission/+/df252474fd06e6c32bdfc139cc4ae6652ff634b8"], "severity":"High", "spl":"2023-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"19550475777279499778566048034414586681", "length":9798}, "id":"ASB-A-253043490-74ba7f93", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/df252474fd06e6c32bdfc139cc4ae6652ff634b8", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["248349732906043956064980509565774782156", "283656740424355907390535518213267350112", "143758378226874456382843457310206284939", "68253136204695582412165319054757246568", "122172952947234953401504464214546525630", "195303676814766850257551404529581926429", "318667993667043690101703295441056620895"], "threshold":0.9}, "id":"ASB-A-253043490-a8347857", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/df252474fd06e6c32bdfc139cc4ae6652ff634b8", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java"}}]}}, {"package":{"name":"platform/packages/modules/Permission", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-08-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Permission/+/5e297ab51388db5375093f7dc21d37bd59de827c"], "severity":"High", "spl":"2023-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"158329375275023421078547036698727559324", "length":7160}, "id":"ASB-A-253043490-1233a94f", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/5e297ab51388db5375093f7dc21d37bd59de827c", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["102272497511510792636288077474635019966", "73830320043416912536756213596268634802", "334814977310204735028133236293272434200", "214950123086942979686128144202008858930", "122172952947234953401504464214546525630", "195303676814766850257551404529581926429", "318667993667043690101703295441056620895"], "threshold":0.9}, "id":"ASB-A-253043490-ebfa433f", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/5e297ab51388db5375093f7dc21d37bd59de827c", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java"}}]}}, {"package":{"name":"platform/packages/modules/Permission", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-08-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Permission/+/8ba7136f816cd1b0182dc4c3a5cd70d023cad48e"], "severity":"High", "spl":"2023-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"34104573745813964544688129800069138067", "length":7185}, "id":"ASB-A-253043490-86970ca0", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/8ba7136f816cd1b0182dc4c3a5cd70d023cad48e", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["102272497511510792636288077474635019966", "73830320043416912536756213596268634802", "334814977310204735028133236293272434200", "214950123086942979686128144202008858930", "122172952947234953401504464214546525630", "195303676814766850257551404529581926429", "318667993667043690101703295441056620895"], "threshold":0.9}, "id":"ASB-A-253043490-b1cc1558", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/8ba7136f816cd1b0182dc4c3a5cd70d023cad48e", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java"}}]}}, {"package":{"name":"platform/packages/modules/Permission", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-08-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Permission/+/8a6f1f59d6cb5367f0c88980a75ddc227dba956a"], "severity":"High", "spl":"2023-08-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["248349732906043956064980509565774782156", "188298556496395972709875190714230932667", "232483192585281304532110593037372097532", "31072592749161546704343042741305513274", "122172952947234953401504464214546525630", "195303676814766850257551404529581926429", "318667993667043690101703295441056620895"], "threshold":0.9}, "id":"ASB-A-253043490-ac2b2350", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/8a6f1f59d6cb5367f0c88980a75ddc227dba956a", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java"}}, {"deprecated":false, "digest":{"function_hash":"42122007481256104765885868242226930324", "length":8670}, "id":"ASB-A-253043490-c9bb99ef", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Permission/+/8a6f1f59d6cb5367f0c88980a75ddc227dba956a", "target":{"file":"PermissionController/src/com/android/permissioncontroller/permission/ui/ManagePermissionsActivity.java", "function":"onCreate"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-08-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/modules/Permission/+/0679e4f35055729be7276536fe45fe8ec18a0453"}]}