{"id":"ASB-A-281665050", "published":"2025-02-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2023-40137", "A-281665050"], "details":"In createDatasetItems of DialogFillUi.java, there is a possible way to view another user's image. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"15-next:0"}, {"fixed":"15-next:2025-02-01"}]}], "versions":["15-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78"], "severity":"High", "spl":"2025-02-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["152706124914265209826722211813105497440", "122457438830031755697776489763091500155", "9557648870503328618362177008065891024", "21424190766785613237481844130356205668", "318743049332437221904056720756700357292", "19494396699293671953931356471127301788", "125685506690105876920915180744054100445", "193060436326013056668025233908441392097", "45525861848201633409686579962243666914", "247171390140834564838122080548466479325", "11417974425339281741084590764620266974", "63675271650473437443478445002199682738", "337643276294840670681719171796552205364", "120308007170846405930104003764350781053", "110491743816707019839998419656968232453", "290369119132319450297915760482112743456", "318831208973307593363994768019606516553", "118585930299939295491472408901765825976"], "threshold":0.9}, "id":"ASB-A-281665050-06445f7a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java"}}, {"deprecated":false, "digest":{"function_hash":"110995354895912650465302359732992851334", "length":3696}, "id":"ASB-A-281665050-4124815a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java", "function":"applyCustomDescription"}}, {"deprecated":false, "digest":{"function_hash":"49532191195551615746744837755912801092", "length":754}, "id":"ASB-A-281665050-6438f6a0", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"initialAuthenticationLayout"}}, {"deprecated":false, "digest":{"line_hashes":["70384187207969473467724071990317729398", "320418546227076084465594181217435078892", "139034975296227356350451546793061696188", "198840029242654939539433467117586934531", "313245536086977364838236582966126120156", "9821241575628344625617058172907797661", "84864080468086762366722034388010268348", "321713212781640076910098641929018121181", "60835553322294116645322918846401089571", "194254830192584495059033577937727898134", "147075656553749944497531376143451541327", "11224255276186999251427813799537284016", "190000541700740439308365212289947348130"], "threshold":0.9}, "id":"ASB-A-281665050-77854c22", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java"}}, {"deprecated":false, "digest":{"function_hash":"31646391903980341277154471442477253944", "length":6510}, "id":"ASB-A-281665050-80fd7a71", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java", "function":"FillUi"}}, {"deprecated":false, "digest":{"line_hashes":["148303161279659643660660451501034279234", "125883638802437311423689325172088876430", "68109407143103339498063405506151933519", "141851605057521366089072764562061264673"], "threshold":0.9}, "id":"ASB-A-281665050-a53a4b64", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java"}}, {"deprecated":false, "digest":{"line_hashes":["195550187764114165661677033491385867525", "207939012160879388942929324645558281641", "197882718764834178866649541080794831380", "239233852245253813103569443623407063279", "44698807005793972678540295405764893919", "21183059188807409401714516310665780128", "300048194628243201263727493046361281547", "303844278245018911624601514776114041871", "229695913011207263233075675270896549026", "55169701512537227256118636456135333684", "198388733492753553705907241123091591212", "304920987658179113312826479999607115028", "269055928370450172860520757506759510794", "237757000885932752970060260599884987089", "33379483823330199745001603645193499184"], "threshold":0.9}, "id":"ASB-A-281665050-ad39c60e", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/Helper.java"}}, {"deprecated":false, "digest":{"function_hash":"14933855057066592257347322952625317997", "length":1677}, "id":"ASB-A-281665050-e69baae4", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"createDatasetItems"}}, {"deprecated":false, "digest":{"function_hash":"243658678464188710220306003597891618027", "length":498}, "id":"ASB-A-281665050-eeb818cb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bf7fbbccd920596e514d1559fb3feaca70e55e78", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"setHeader"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2025-02-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053"], "severity":"High", "spl":"2025-02-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["70384187207969473467724071990317729398", "320418546227076084465594181217435078892", "139034975296227356350451546793061696188", "198840029242654939539433467117586934531", "313245536086977364838236582966126120156", "9821241575628344625617058172907797661", "84864080468086762366722034388010268348", "321713212781640076910098641929018121181", "60835553322294116645322918846401089571", "194254830192584495059033577937727898134", "147075656553749944497531376143451541327", "11224255276186999251427813799537284016", "190000541700740439308365212289947348130"], "threshold":0.9}, "id":"ASB-A-281665050-4bba6ff2", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java"}}, {"deprecated":false, "digest":{"line_hashes":["206563368113645024653705304061605275981", "197882718764834178866649541080794831380", "239233852245253813103569443623407063279", "44698807005793972678540295405764893919", "21183059188807409401714516310665780128", "300048194628243201263727493046361281547", "200644165688969314273219891189461360855", "77496428704198062703578586753481553588", "55169701512537227256118636456135333684", "198388733492753553705907241123091591212", "304920987658179113312826479999607115028", "269055928370450172860520757506759510794", "237757000885932752970060260599884987089", "33379483823330199745001603645193499184"], "threshold":0.9}, "id":"ASB-A-281665050-5897c9bc", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053", "target":{"file":"services/autofill/java/com/android/server/autofill/Helper.java"}}, {"deprecated":false, "digest":{"function_hash":"155518773178166328024443815934004657924", "length":6466}, "id":"ASB-A-281665050-9791299f", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java", "function":"FillUi"}}, {"deprecated":false, "digest":{"function_hash":"110995354895912650465302359732992851334", "length":3696}, "id":"ASB-A-281665050-be69d6ef", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java", "function":"applyCustomDescription"}}, {"deprecated":false, "digest":{"line_hashes":["148303161279659643660660451501034279234", "125883638802437311423689325172088876430", "68109407143103339498063405506151933519", "141851605057521366089072764562061264673"], "threshold":0.9}, "id":"ASB-A-281665050-d4299c57", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/73fa082a7202100da107ae14dd7742ecd86da053", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2025-02-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a"], "severity":"High", "spl":"2025-02-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["206563368113645024653705304061605275981", "197882718764834178866649541080794831380", "239233852245253813103569443623407063279", "44698807005793972678540295405764893919", "21183059188807409401714516310665780128", "300048194628243201263727493046361281547", "200644165688969314273219891189461360855", "77496428704198062703578586753481553588", "55169701512537227256118636456135333684", "198388733492753553705907241123091591212", "304920987658179113312826479999607115028", "269055928370450172860520757506759510794", "237757000885932752970060260599884987089", "33379483823330199745001603645193499184"], "threshold":0.9}, "id":"ASB-A-281665050-4b9be62e", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a", "target":{"file":"services/autofill/java/com/android/server/autofill/Helper.java"}}, {"deprecated":false, "digest":{"function_hash":"155518773178166328024443815934004657924", "length":6466}, "id":"ASB-A-281665050-69bfefd7", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java", "function":"FillUi"}}, {"deprecated":false, "digest":{"function_hash":"110995354895912650465302359732992851334", "length":3696}, "id":"ASB-A-281665050-c0f2a3a7", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java", "function":"applyCustomDescription"}}, {"deprecated":false, "digest":{"line_hashes":["148303161279659643660660451501034279234", "125883638802437311423689325172088876430", "68109407143103339498063405506151933519", "141851605057521366089072764562061264673"], "threshold":0.9}, "id":"ASB-A-281665050-d7552cd1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java"}}, {"deprecated":false, "digest":{"line_hashes":["70384187207969473467724071990317729398", "320418546227076084465594181217435078892", "139034975296227356350451546793061696188", "198840029242654939539433467117586934531", "313245536086977364838236582966126120156", "9821241575628344625617058172907797661", "84864080468086762366722034388010268348", "321713212781640076910098641929018121181", "60835553322294116645322918846401089571", "194254830192584495059033577937727898134", "147075656553749944497531376143451541327", "11224255276186999251427813799537284016", "190000541700740439308365212289947348130"], "threshold":0.9}, "id":"ASB-A-281665050-f36bcf55", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f7ca136c514dc975c3f46d95c53fd6b3752c577a", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2025-02-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0"], "severity":"High", "spl":"2025-02-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"110995354895912650465302359732992851334", "length":3696}, "id":"ASB-A-281665050-0d2943f4", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java", "function":"applyCustomDescription"}}, {"deprecated":false, "digest":{"line_hashes":["70384187207969473467724071990317729398", "320418546227076084465594181217435078892", "139034975296227356350451546793061696188", "198840029242654939539433467117586934531", "313245536086977364838236582966126120156", "9821241575628344625617058172907797661", "84864080468086762366722034388010268348", "321713212781640076910098641929018121181", "60835553322294116645322918846401089571", "194254830192584495059033577937727898134", "147075656553749944497531376143451541327", "11224255276186999251427813799537284016", "190000541700740439308365212289947348130"], "threshold":0.9}, "id":"ASB-A-281665050-27c06beb", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java"}}, {"deprecated":false, "digest":{"function_hash":"14933855057066592257347322952625317997", "length":1677}, "id":"ASB-A-281665050-2b9e0a47", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"createDatasetItems"}}, {"deprecated":false, "digest":{"function_hash":"49532191195551615746744837755912801092", "length":754}, "id":"ASB-A-281665050-8e58e6f9", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"initialAuthenticationLayout"}}, {"deprecated":false, "digest":{"function_hash":"243658678464188710220306003597891618027", "length":498}, "id":"ASB-A-281665050-979c9889", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java", "function":"setHeader"}}, {"deprecated":false, "digest":{"line_hashes":["206563368113645024653705304061605275981", "197882718764834178866649541080794831380", "239233852245253813103569443623407063279", "44698807005793972678540295405764893919", "21183059188807409401714516310665780128", "300048194628243201263727493046361281547", "200644165688969314273219891189461360855", "77496428704198062703578586753481553588", "55169701512537227256118636456135333684", "198388733492753553705907241123091591212", "304920987658179113312826479999607115028", "269055928370450172860520757506759510794", "237757000885932752970060260599884987089", "33379483823330199745001603645193499184"], "threshold":0.9}, "id":"ASB-A-281665050-a1b813d7", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/Helper.java"}}, {"deprecated":false, "digest":{"function_hash":"155518773178166328024443815934004657924", "length":6466}, "id":"ASB-A-281665050-acd70eb0", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/FillUi.java", "function":"FillUi"}}, {"deprecated":false, "digest":{"line_hashes":["152706124914265209826722211813105497440", "122457438830031755697776489763091500155", "9557648870503328618362177008065891024", "21424190766785613237481844130356205668", "318743049332437221904056720756700357292", "19494396699293671953931356471127301788", "125685506690105876920915180744054100445", "193060436326013056668025233908441392097", "45525861848201633409686579962243666914", "247171390140834564838122080548466479325", "11417974425339281741084590764620266974", "63675271650473437443478445002199682738", "337643276294840670681719171796552205364", "120308007170846405930104003764350781053", "110491743816707019839998419656968232453", "290369119132319450297915760482112743456", "318831208973307593363994768019606516553", "118585930299939295491472408901765825976"], "threshold":0.9}, "id":"ASB-A-281665050-b901e226", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/DialogFillUi.java"}}, {"deprecated":false, "digest":{"line_hashes":["148303161279659643660660451501034279234", "125883638802437311423689325172088876430", "68109407143103339498063405506151933519", "141851605057521366089072764562061264673"], "threshold":0.9}, "id":"ASB-A-281665050-d2b5895d", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/93810ba1c0a4d31f49adbf9454731e2b7defdfc0", "target":{"file":"services/autofill/java/com/android/server/autofill/ui/SaveUi.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2025-02-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c5529115cc1a1e0c97cd503f33"}]}