{"id":"ASB-A-277740848", "published":"2023-07-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-21238", "A-277740848"], "details":"In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-07-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-57eada37", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0", "target":{"file":"core/java/android/widget/RemoteViews.java"}}, {"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-5ea3c7f8", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-638a6408", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java"}}, {"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-96c2507c", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-07-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-69894fd5", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8", "target":{"file":"core/java/android/widget/RemoteViews.java"}}, {"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-dc878155", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-07-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-830714f5", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-bb3659f3", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-07-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-a2f9bb46", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java"}}, {"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-a5b1e781", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-07-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"], "severity":"High", "spl":"2023-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"111810108874556137557640008461423736335", "length":190}, "id":"ASB-A-277740848-8289e474", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["18893358093154404341348852068354358806", "50423517392454067396854009113314657598", "60246086670864434399416018304216395629", "193393101714492895223609934779057213903"], "threshold":0.9}, "id":"ASB-A-277740848-91d1ab5e", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69", "target":{"file":"core/java/android/widget/RemoteViews.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-07-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911"}]}