{"id":"ASB-A-274592467", "published":"2023-07-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-21239", "A-274592467"], "details":"In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-07-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"177493408125326377496345966152918918599", "length":2101}, "id":"ASB-A-274592467-19aa5e70", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["309729096522564501414861831013221291346", "28789112198301087514841922640555467717", "106386172300797820375062882942015812786"], "threshold":0.9}, "id":"ASB-A-274592467-ea53ba7a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-07-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"177493408125326377496345966152918918599", "length":2101}, "id":"ASB-A-274592467-254b99cb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["309729096522564501414861831013221291346", "28789112198301087514841922640555467717", "106386172300797820375062882942015812786"], "threshold":0.9}, "id":"ASB-A-274592467-715ab04c", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-07-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"177493408125326377496345966152918918599", "length":2101}, "id":"ASB-A-274592467-89c6874b", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["309729096522564501414861831013221291346", "28789112198301087514841922640555467717", "106386172300797820375062882942015812786"], "threshold":0.9}, "id":"ASB-A-274592467-a64a8b2a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-07-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["309729096522564501414861831013221291346", "28789112198301087514841922640555467717", "106386172300797820375062882942015812786"], "threshold":0.9}, "id":"ASB-A-274592467-0246b644", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java"}}, {"deprecated":false, "digest":{"function_hash":"177493408125326377496345966152918918599", "length":2101}, "id":"ASB-A-274592467-d74e1146", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/4dee5aab12e95cd8b4d663ad050f07b0f2433596", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-07-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/c451aa5710e1da19139eb3716e39a5d6f04de5c2"}]}