{"id":"ASB-A-257443065", "published":"2023-07-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-21257", "A-257443065"], "details":"In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-07-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"59248572480963060094752201320419215239", "length":5262}, "id":"ASB-A-257443065-310a8784", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf", "target":{"file":"services/core/java/com/android/server/pm/InstallPackageHelper.java", "function":"updateSettingsInternalLI"}}, {"deprecated":false, "digest":{"line_hashes":["153467675175800175962888267713453816060", "215537321862713657399570465190911351763", "14756191442787275991622645710270436802", "170982238663646153455825644688940397641", "150142571880650494651637258185062747944", "15635671695272049313199357078984455922", "137425685871481753609245383687888395581"], "threshold":0.9}, "id":"ASB-A-257443065-65ea6b42", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/febe3918020a94b2af48ade98eb6a49cdd4a3bdf", "target":{"file":"services/core/java/com/android/server/pm/InstallPackageHelper.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-07-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"4222137068855988299654110975963124951", "length":5068}, "id":"ASB-A-257443065-070cf729", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985", "target":{"file":"services/core/java/com/android/server/pm/InstallPackageHelper.java", "function":"updateSettingsInternalLI"}}, {"deprecated":false, "digest":{"line_hashes":["151981888837245236717676532140197522632", "6716612515192305523447968849324276043", "228158732552534766263143569986709366128", "234907804752039537257925342169604273720", "249064722261673849036953928188340551639", "212681092029670554093991325374612992516"], "threshold":0.9}, "id":"ASB-A-257443065-b2d33c00", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/28e133dff148cf8f43c551073000a459a1573985", "target":{"file":"services/core/java/com/android/server/pm/InstallPackageHelper.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-07-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/1aec7feaf07e6d4568ca75d18158445dbeac10f6"}]}