{"id":"ASB-A-316893159", "published":"2024-03-01T00:00:00Z", "modified":"2026-04-29T15:10:00.007170452Z", "aliases":["CVE-2024-0048", "A-316893159"], "details":"In Session of AccountManagerService.java, there is a possible method to retain foreground service privileges due to incorrect handling of null responses. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14-next:0"}, {"fixed":"14-next:2024-03-01"}]}], "versions":["14-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/c1b2d61dd84467ba2621a17718761ad4949dfd5e", "https://android.googlesource.com/platform/frameworks/base/+/89af0a39c23abf0464a96e5ba7eec332b675a69e"], "severity":"High", "spl":"2024-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"265328424312928374515768229782878598753", "length":680}, "id":"ASB-A-316893159-93b0c788", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/c1b2d61dd84467ba2621a17718761ad4949dfd5e", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"Session"}}, {"deprecated":false, "digest":{"line_hashes":["147516298131624241384756167266658125938", "39791194325251257456986993978544102798", "27254244033986831096454444969228777862", "73114813082680463078622503072237150951", "265907424551711755248114247518782074159", "20933846279482472287914415765660668423", "126153835675113937042994305411507819078", "318018205287503207077538754512504815299", "242451460847616123178063495162102141122", "84373260278207685014432832870756667011", "130619544422725740809277217888075915016", "106189489982922899031012766179206677335", "14255875241294422934386317586187022806", "205782882345301555749511224884459230186"], "threshold":0.9}, "id":"ASB-A-316893159-bc402f95", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/c1b2d61dd84467ba2621a17718761ad4949dfd5e", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}, {"deprecated":false, "digest":{"line_hashes":["134633262403625574119509815301232138664", "56314270232463790916276195357229955021", "128325795429514723275558386072991325974", "285865900335380423290357690358398924324"], "threshold":0.9}, "id":"ASB-A-316893159-bc450520", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/89af0a39c23abf0464a96e5ba7eec332b675a69e", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}, {"deprecated":false, "digest":{"function_hash":"133645332067243858162289430740295177188", "length":333}, "id":"ASB-A-316893159-ed570c09", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/c1b2d61dd84467ba2621a17718761ad4949dfd5e", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"onTimedOut"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2024-03-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09"], "severity":"High", "spl":"2024-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154113943960998969999173728755529315304", "length":699}, "id":"ASB-A-316893159-4968643c", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"Session"}}, {"deprecated":false, "digest":{"function_hash":"133645332067243858162289430740295177188", "length":333}, "id":"ASB-A-316893159-f1333e00", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"onTimedOut"}}, {"deprecated":false, "digest":{"line_hashes":["147516298131624241384756167266658125938", "39791194325251257456986993978544102798", "27254244033986831096454444969228777862", "73114813082680463078622503072237150951", "265907424551711755248114247518782074159", "20933846279482472287914415765660668423", "126153835675113937042994305411507819078", "84602381484422346330323891832756860196", "242451460847616123178063495162102141122", "84373260278207685014432832870756667011", "130619544422725740809277217888075915016", "106189489982922899031012766179206677335", "14255875241294422934386317586187022806", "205782882345301555749511224884459230186"], "threshold":0.9}, "id":"ASB-A-316893159-ff47a9a4", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2024-03-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09"], "severity":"High", "spl":"2024-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154113943960998969999173728755529315304", "length":699}, "id":"ASB-A-316893159-526cb685", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"Session"}}, {"deprecated":false, "digest":{"function_hash":"133645332067243858162289430740295177188", "length":333}, "id":"ASB-A-316893159-a7303bdb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"onTimedOut"}}, {"deprecated":false, "digest":{"line_hashes":["147516298131624241384756167266658125938", "39791194325251257456986993978544102798", "27254244033986831096454444969228777862", "73114813082680463078622503072237150951", "265907424551711755248114247518782074159", "20933846279482472287914415765660668423", "126153835675113937042994305411507819078", "84602381484422346330323891832756860196", "242451460847616123178063495162102141122", "84373260278207685014432832870756667011", "130619544422725740809277217888075915016", "106189489982922899031012766179206677335", "14255875241294422934386317586187022806", "205782882345301555749511224884459230186"], "threshold":0.9}, "id":"ASB-A-316893159-df2b9e7a", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2024-03-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09"], "severity":"High", "spl":"2024-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"133645332067243858162289430740295177188", "length":333}, "id":"ASB-A-316893159-16fb120e", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"onTimedOut"}}, {"deprecated":false, "digest":{"function_hash":"154113943960998969999173728755529315304", "length":699}, "id":"ASB-A-316893159-68aa4b1a", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"Session"}}, {"deprecated":false, "digest":{"line_hashes":["147516298131624241384756167266658125938", "39791194325251257456986993978544102798", "27254244033986831096454444969228777862", "73114813082680463078622503072237150951", "265907424551711755248114247518782074159", "20933846279482472287914415765660668423", "126153835675113937042994305411507819078", "84602381484422346330323891832756860196", "242451460847616123178063495162102141122", "84373260278207685014432832870756667011", "130619544422725740809277217888075915016", "106189489982922899031012766179206677335", "14255875241294422934386317586187022806", "205782882345301555749511224884459230186"], "threshold":0.9}, "id":"ASB-A-316893159-c292c281", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"14:0"}, {"fixed":"14:2024-03-01"}]}], "versions":["14"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09"], "severity":"High", "spl":"2024-03-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154113943960998969999173728755529315304", "length":699}, "id":"ASB-A-316893159-78b2ccf8", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"Session"}}, {"deprecated":false, "digest":{"function_hash":"133645332067243858162289430740295177188", "length":333}, "id":"ASB-A-316893159-ee4d74bb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java", "function":"onTimedOut"}}, {"deprecated":false, "digest":{"line_hashes":["147516298131624241384756167266658125938", "39791194325251257456986993978544102798", "27254244033986831096454444969228777862", "73114813082680463078622503072237150951", "265907424551711755248114247518782074159", "20933846279482472287914415765660668423", "126153835675113937042994305411507819078", "84602381484422346330323891832756860196", "242451460847616123178063495162102141122", "84373260278207685014432832870756667011", "130619544422725740809277217888075915016", "106189489982922899031012766179206677335", "14255875241294422934386317586187022806", "205782882345301555749511224884459230186"], "threshold":0.9}, "id":"ASB-A-316893159-f1cf2842", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/bb53f192e0ceaa026a083da156ef0cb0140f0c09", "target":{"file":"services/core/java/com/android/server/accounts/AccountManagerService.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2024-03-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/2c236cde5505ee0e88cf1e3d073e2f1a53f0eede"}]}