{"id":"ASB-A-287640400", "published":"2023-12-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-40073", "A-287640400"], "details":"In visitUris of Notification.java, there is a possible cross-user media read due to Confused Deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14-next:0"}, {"fixed":"14-next:2023-12-01"}]}], "versions":["14-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/f681073d91a5f1461324d829b6cd6c1b56ae71bd"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"201985218415011711560751470036948186349", "length":2769}, "id":"ASB-A-287640400-0132a93e", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f681073d91a5f1461324d829b6cd6c1b56ae71bd", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["147145125135629588391615947816063029025", "281732678064438727946495070623556209283", "142686402721790116739280597824549437236", "85278780104695710719872825570651375143", "7417117942208748972418722929560296056", "43131416255491976861669527594031932808", "108905658301692973882570739318435011551", "108587633537507210242609878158511307392", "209214712958229127365277677898883133842", "4422083245898015211383055637752888781", "103552041863994905675684917208281704433", "37632166122149386811223787386280723680", "73849403225311842655267071472360173532", "291957484433081372285600943892667379318", "66861139576724940568902264861670360430", "244669392767242786024723497502983957733", "17517019758488840952545588009142151325"], "threshold":0.9}, "id":"ASB-A-287640400-604655c7", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/f681073d91a5f1461324d829b6cd6c1b56ae71bd", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2023-12-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/a7e0c6585fd155d5bd9354b8b15516f4788c33a7"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["17209269953019172130702873434132132722", "273011446949303099690139840038706141544", "87619567163106936680864857850098689141", "220635192558347618428557710966537549630", "147390288046710788454631021817366760429", "227971850139857560975030153672215940307", "187870482558217037897344299771329252057", "108587633537507210242609878158511307392", "238482942521325421166953426418539953961", "336609230544111782529988548778564228079", "173394939516140047102879135056767743279", "54400578888695249090798415271074078221"], "threshold":0.9}, "id":"ASB-A-287640400-c28387b8", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/a7e0c6585fd155d5bd9354b8b15516f4788c33a7", "target":{"file":"core/java/android/app/Notification.java"}}, {"deprecated":false, "digest":{"function_hash":"262132017175392463767878872766108479421", "length":2581}, "id":"ASB-A-287640400-eca5c718", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/a7e0c6585fd155d5bd9354b8b15516f4788c33a7", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2023-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"330302221767727683507046250836261280812", "length":2904}, "id":"ASB-A-287640400-96c98107", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["149682647126246980450813888265983878136", "139268105701371031712134097557714266014", "197585125163988185987062498860316791841", "293871498699140096628809383344655540256", "157168360506007279060120465614609954899", "227971850139857560975030153672215940307", "187870482558217037897344299771329252057", "108587633537507210242609878158511307392", "209214712958229127365277677898883133842", "247274710125108089918752834510465687719", "275420439690197521529143529770472213140", "90544060682381301178915754424100445601", "234444926472905264221245843932327875381", "249140699872570335116461996548423358221", "101803455055234848959300302164930637449", "160755499569831398663180417212296914663", "173820567809165489649736099919517038060"], "threshold":0.9}, "id":"ASB-A-287640400-d8921592", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2023-12-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"330302221767727683507046250836261280812", "length":2904}, "id":"ASB-A-287640400-19572b02", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["149682647126246980450813888265983878136", "139268105701371031712134097557714266014", "197585125163988185987062498860316791841", "293871498699140096628809383344655540256", "157168360506007279060120465614609954899", "227971850139857560975030153672215940307", "187870482558217037897344299771329252057", "108587633537507210242609878158511307392", "209214712958229127365277677898883133842", "247274710125108089918752834510465687719", "275420439690197521529143529770472213140", "90544060682381301178915754424100445601", "234444926472905264221245843932327875381", "249140699872570335116461996548423358221", "101803455055234848959300302164930637449", "160755499569831398663180417212296914663", "173820567809165489649736099919517038060"], "threshold":0.9}, "id":"ASB-A-287640400-8b070e85", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/87db980ca1270083a2ba3c7317402a0cd289fd65", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-12-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3c2ebb81ff064cdf1fbe58c15920f44d343e9391"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"218611055744708306518163908548631465702", "length":2952}, "id":"ASB-A-287640400-63958040", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3c2ebb81ff064cdf1fbe58c15920f44d343e9391", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}, {"deprecated":false, "digest":{"line_hashes":["155754717432209013017543167464952632511", "114249688477433304223182082335439108100", "22721810471636571311748513428527171493", "209530810119055766998990867496632062624", "781225146328105575814677055182072393", "201520778652802430645411465180549161940", "275031627355662767670014368247287897901", "281732678064438727946495070623556209283", "119091735977763546063692168043607642164", "250638055627944970047384174701610575040", "88299794168774314635044546257261857265", "180262050703456585785769205171919383845", "108905658301692973882570739318435011551", "108587633537507210242609878158511307392", "209214712958229127365277677898883133842", "247274710125108089918752834510465687719", "275420439690197521529143529770472213140", "90544060682381301178915754424100445601", "174773538391543390547072899090801225263", "208846296421393991542105520785753736042", "16915267631876370560627816182013625710", "37169510279397837687069754429310609330", "239494160250163390723174443656735345545", "183671867846423336259288113830564499130", "234444926472905264221245843932327875381", "249140699872570335116461996548423358221", "101803455055234848959300302164930637449", "160755499569831398663180417212296914663", "173820567809165489649736099919517038060", "149572172347206097383450124856241791941", "216047209128885008134994698672488946183", "230604067347090329615129250887209897007", "34747155296587682055564506055647708681", "216543036933530589877677361988555716890"], "threshold":0.9}, "id":"ASB-A-287640400-adfe55c7", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3c2ebb81ff064cdf1fbe58c15920f44d343e9391", "target":{"file":"core/java/android/app/Notification.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14:0"}, {"fixed":"14:2023-12-01"}]}], "versions":["14"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3054c3ba40319490281562bdd2adb1456f5b1dc9"], "severity":"High", "spl":"2023-12-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["275031627355662767670014368247287897901", "281732678064438727946495070623556209283", "119091735977763546063692168043607642164", "250638055627944970047384174701610575040", "88299794168774314635044546257261857265", "180262050703456585785769205171919383845", "108905658301692973882570739318435011551", "108587633537507210242609878158511307392", "209214712958229127365277677898883133842", "4422083245898015211383055637752888781", "103552041863994905675684917208281704433", "37632166122149386811223787386280723680", "73849403225311842655267071472360173532", "291957484433081372285600943892667379318", "66861139576724940568902264861670360430", "244669392767242786024723497502983957733", "46092162532536089214777198820882741896"], "threshold":0.9}, "id":"ASB-A-287640400-12e5860a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3054c3ba40319490281562bdd2adb1456f5b1dc9", "target":{"file":"core/java/android/app/Notification.java"}}, {"deprecated":false, "digest":{"function_hash":"16480000897640145369319295520833400692", "length":3048}, "id":"ASB-A-287640400-b6d5660a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/3054c3ba40319490281562bdd2adb1456f5b1dc9", "target":{"file":"core/java/android/app/Notification.java", "function":"visitUris"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/fe6fef4f9c1f75c12bffa4a1d16d9990cc3fbc35"}]}