{"id":"ASB-A-273729476", "published":"2023-07-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-21246", "A-273729476"], "details":"In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-07-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/9f3b191d04144e332daceeec2b4f64d295fdf30c"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["333023602259954182407591694527434178520", "337869878030822104246888389840736793242", "285328395219631508285691000966376699480", "158024499303725243928212550104409253659", "267812003783876871256161605120373542132", "55161413152641082180949585022664699746", "21868203953259126963318603862973725232", "215261582529318591946515271078132459386", "195717514801609644954899280938760837044", "304562569919733430224829126252878764450", "249795983739251649821280849571668231352", "152540884113697225885193684782527005283", "114734990533994706273379491374072210808", "269102602479188924088300564175206336770", "302926344617479420812018111816586246989", "89547591460084033524102375903752921621", "175980200820200018495839744193661650150", "106873435294979273991389082557842142152"], "threshold":0.9}, "id":"ASB-A-273729476-2e8559f3", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9f3b191d04144e332daceeec2b4f64d295fdf30c", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java"}}, {"deprecated":false, "digest":{"line_hashes":["83187452248718024932908717078656163027", "155037319459122252535095161197261350586", "276194970133774068090153265408598565590"], "threshold":0.9}, "id":"ASB-A-273729476-6861c515", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9f3b191d04144e332daceeec2b4f64d295fdf30c", "target":{"file":"services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java"}}, {"deprecated":false, "digest":{"function_hash":"42574883310073255411351152638730580835", "length":1031}, "id":"ASB-A-273729476-85e0c977", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9f3b191d04144e332daceeec2b4f64d295fdf30c", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"function_hash":"331897836877221858023072162950012147910", "length":1848}, "id":"ASB-A-273729476-b01e953b", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9f3b191d04144e332daceeec2b4f64d295fdf30c", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-07-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/f31df6234091b5b1de258a01dd4b2d8e5415ee2e"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"209588116901681660311483726007507824926", "length":775}, "id":"ASB-A-273729476-2d045025", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f31df6234091b5b1de258a01dd4b2d8e5415ee2e", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"line_hashes":["178066479606260456397807105225735555126", "5813050396736649723089278352748758078", "106633034549640160275859246969274522407", "210062582440393634920515023014158765431", "83187452248718024932908717078656163027", "155037319459122252535095161197261350586", "276194970133774068090153265408598565590"], "threshold":0.9}, "id":"ASB-A-273729476-550045c5", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f31df6234091b5b1de258a01dd4b2d8e5415ee2e", "target":{"file":"services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java"}}, {"deprecated":false, "digest":{"line_hashes":["267812003783876871256161605120373542132", "55161413152641082180949585022664699746", "21868203953259126963318603862973725232", "37758467216667853439331968675072048171", "195717514801609644954899280938760837044", "304562569919733430224829126252878764450", "249795983739251649821280849571668231352", "152540884113697225885193684782527005283", "114734990533994706273379491374072210808", "269102602479188924088300564175206336770", "302926344617479420812018111816586246989", "89547591460084033524102375903752921621", "305949819878249683593158030973979810914", "58053691233098887120730646608229540836"], "threshold":0.9}, "id":"ASB-A-273729476-6a8531b1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f31df6234091b5b1de258a01dd4b2d8e5415ee2e", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java"}}, {"deprecated":false, "digest":{"function_hash":"328645577999406322436556905913303246299", "length":1436}, "id":"ASB-A-273729476-7a392115", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f31df6234091b5b1de258a01dd4b2d8e5415ee2e", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-07-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/ab0c8ac5b47509a71f27c4e5e9ce104d51bab0a8"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"92455432831317346802672959460846265974", "length":918}, "id":"ASB-A-273729476-246650be", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/ab0c8ac5b47509a71f27c4e5e9ce104d51bab0a8", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"function_hash":"33557153684161352340379549504679014313", "length":1483}, "id":"ASB-A-273729476-3b8e8e14", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/ab0c8ac5b47509a71f27c4e5e9ce104d51bab0a8", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"line_hashes":["178066479606260456397807105225735555126", "5813050396736649723089278352748758078", "106633034549640160275859246969274522407", "210062582440393634920515023014158765431", "83187452248718024932908717078656163027", "155037319459122252535095161197261350586", "276194970133774068090153265408598565590"], "threshold":0.9}, "id":"ASB-A-273729476-7aa1b55e", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/ab0c8ac5b47509a71f27c4e5e9ce104d51bab0a8", "target":{"file":"services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java"}}, {"deprecated":false, "digest":{"line_hashes":["267812003783876871256161605120373542132", "55161413152641082180949585022664699746", "21868203953259126963318603862973725232", "296758649462212877677741594198979435025", "195717514801609644954899280938760837044", "304562569919733430224829126252878764450", "249795983739251649821280849571668231352", "152540884113697225885193684782527005283", "114734990533994706273379491374072210808", "269102602479188924088300564175206336770", "302926344617479420812018111816586246989", "89547591460084033524102375903752921621", "305949819878249683593158030973979810914", "58053691233098887120730646608229540836"], "threshold":0.9}, "id":"ASB-A-273729476-dcb743df", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/ab0c8ac5b47509a71f27c4e5e9ce104d51bab0a8", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-07-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/fee62a33da3e9a15d4ab5e4c8f730b50eae67cbe"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"92455432831317346802672959460846265974", "length":918}, "id":"ASB-A-273729476-232c83c3", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/fee62a33da3e9a15d4ab5e4c8f730b50eae67cbe", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"function_hash":"33557153684161352340379549504679014313", "length":1483}, "id":"ASB-A-273729476-404c97ce", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/fee62a33da3e9a15d4ab5e4c8f730b50eae67cbe", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"line_hashes":["267812003783876871256161605120373542132", "55161413152641082180949585022664699746", "21868203953259126963318603862973725232", "296758649462212877677741594198979435025", "195717514801609644954899280938760837044", "304562569919733430224829126252878764450", "249795983739251649821280849571668231352", "152540884113697225885193684782527005283", "114734990533994706273379491374072210808", "269102602479188924088300564175206336770", "302926344617479420812018111816586246989", "89547591460084033524102375903752921621", "305949819878249683593158030973979810914", "58053691233098887120730646608229540836"], "threshold":0.9}, "id":"ASB-A-273729476-72c26654", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/fee62a33da3e9a15d4ab5e4c8f730b50eae67cbe", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java"}}, {"deprecated":false, "digest":{"line_hashes":["178066479606260456397807105225735555126", "5813050396736649723089278352748758078", "106633034549640160275859246969274522407", "210062582440393634920515023014158765431", "83187452248718024932908717078656163027", "155037319459122252535095161197261350586", "276194970133774068090153265408598565590"], "threshold":0.9}, "id":"ASB-A-273729476-73244623", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/fee62a33da3e9a15d4ab5e4c8f730b50eae67cbe", "target":{"file":"services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-07-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/d31fe58376000d1337a1c57bdac2c018b670b2ec"], "severity":"High", "spl":"2023-07-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["83187452248718024932908717078656163027", "155037319459122252535095161197261350586", "276194970133774068090153265408598565590"], "threshold":0.9}, "id":"ASB-A-273729476-475871f5", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d31fe58376000d1337a1c57bdac2c018b670b2ec", "target":{"file":"services/tests/servicestests/src/com/android/server/pm/ShortcutManagerTest2.java"}}, {"deprecated":false, "digest":{"function_hash":"331897836877221858023072162950012147910", "length":1848}, "id":"ASB-A-273729476-de470b4a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d31fe58376000d1337a1c57bdac2c018b670b2ec", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"function_hash":"42574883310073255411351152638730580835", "length":1031}, "id":"ASB-A-273729476-ecf6ec3d", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d31fe58376000d1337a1c57bdac2c018b670b2ec", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java", "function":"ShortcutInfo"}}, {"deprecated":false, "digest":{"line_hashes":["267812003783876871256161605120373542132", "55161413152641082180949585022664699746", "21868203953259126963318603862973725232", "215261582529318591946515271078132459386", "195717514801609644954899280938760837044", "304562569919733430224829126252878764450", "249795983739251649821280849571668231352", "152540884113697225885193684782527005283", "114734990533994706273379491374072210808", "269102602479188924088300564175206336770", "302926344617479420812018111816586246989", "89547591460084033524102375903752921621", "175980200820200018495839744193661650150", "106873435294979273991389082557842142152"], "threshold":0.9}, "id":"ASB-A-273729476-f77c4190", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d31fe58376000d1337a1c57bdac2c018b670b2ec", "target":{"file":"core/java/android/content/pm/ShortcutInfo.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-07-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/fc1b9998ca8a9fceba47d67fd9ea9b45705b53e0"}]}