{"id":"ASB-A-274775190", "published":"2023-10-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-40120", "A-274775190"], "details":"In multiple locations, there is a possible way to bypass user notification of foreground services due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14-next:0"}, {"fixed":"14-next:2023-10-01"}]}], "versions":["14-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/0ea0f35dce5e3ecdddbe2a93caaecb2b1c394b78", "https://android.googlesource.com/platform/frameworks/base/+/7aa5b1415941f8c4172d02072f59349d30450232"], "severity":"High", "spl":"2023-10-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"295032870259104720256886176278826762346", "length":272}, "id":"ASB-A-274775190-6a984c32", "match_only_versions":["14-next"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/0ea0f35dce5e3ecdddbe2a93caaecb2b1c394b78", "target":{"file":"core/java/android/app/StatusBarManager.java", "function":"getService"}}, {"deprecated":false, "digest":{"function_hash":"193419990035426540541696645683798941871", "length":131}, "id":"ASB-A-274775190-8f502582", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/0ea0f35dce5e3ecdddbe2a93caaecb2b1c394b78", "target":{"file":"core/java/android/app/StatusBarManager.java", "function":"isMediaTitleRequiredForApp"}}, {"deprecated":false, "digest":{"line_hashes":["276401531901318263753144431699500467534", "174693737625381771289955730754378212089", "55067072768329347915291328717665274412", "247491197205286358186884514790289441800", "288268817024719155601732677583925904674", "162414632533865194722156741041722238057", "238187707617870915485439331167525581495", "42870352728389217820846386914021981277", "197830679814973854642546934516842684361", "31823246263992746912867442466257200867", "179771285865684518296153165408831105186", "105823613653653031239713650423167024704", "227755580500140105511776870914346632550", "302439945214960274764316328120321594772", "157093321223745541105175817161241093639", "41027818387143506716071401913762006612", "40681326202558538640645875563718560389", "127635592304768124555866852793805531603", "97708967501522358369735335246717124075", "129554294152192160224533512055370407544", "104176241438601927444278433906707718950", "333723484836615690996111369955045802370", "194775277198457715137714559249712910553", "243161833809819721557020020362400150479", "178914412161223854977679791516697656678", "134936461097158260160654518469916486136", "138251747473868163461947946972620429932", "271487609364378758100043770345098504500", "322179436436476499849029600944439531583", "76327287156485271441958115395213707924", "31977801378991756250502292725926409566", "1136072264060281673135831628939118147", "261412421687700868409742376006145653915"], "threshold":0.9}, "id":"ASB-A-274775190-cfbb5e0a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/0ea0f35dce5e3ecdddbe2a93caaecb2b1c394b78", "target":{"file":"core/java/android/app/StatusBarManager.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-10-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/070eff919c85fd83501e380a92e30caf082e9ffc", "https://android.googlesource.com/platform/frameworks/base/+/917729f52b84d8ff1140ece2dd696914426adcd3"], "severity":"High", "spl":"2023-10-01", "types":["EoP"]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-10-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/883923c40b88c0486c5ac24dc756213b187b3bb1", "https://android.googlesource.com/platform/frameworks/base/+/204ea4a673cc47f154cbff66d664618f1942b6b9"], "severity":"High", "spl":"2023-10-01", "types":["EoP"]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-10-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/df4686dc0a38b6027960dbe69b3fe18048f02b8f", "https://android.googlesource.com/platform/frameworks/base/+/204ea4a673cc47f154cbff66d664618f1942b6b9"], "severity":"High", "spl":"2023-10-01", "types":["EoP"]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-10-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/a0fda1f36d04331c8d60c5540b09b1a30203581b", "https://android.googlesource.com/platform/frameworks/base/+/602de6cbd4d51222625e849ffedd5e58977aecbd"], "severity":"High", "spl":"2023-10-01", "types":["EoP"]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-10-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/d26544e5a4fd554b790b4d0c5964d9e95d9e626b"}]}