{"id":"PUB-A-259942964", "published":"2023-06-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-21167", "A-259942964"], "details":"In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-06-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642"], "severity":"Moderate", "spl":"2023-06-01", "types":["DoS"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["261632806508549377328375700223001763684", "72071718042071190986683616560344911631", "249579893198889923221703755640549339828", "32977824350968205327085866770411269575", "207985399631430165261605392140189796283", "302998431240077100762269125275940416996", "40645136330168600440795433057896396955", "112184475321408415755340114980368957769"], "threshold":0.9}, "id":"PUB-A-259942964-aa9e8bc1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642", "target":{"file":"services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"}}, {"deprecated":false, "digest":{"function_hash":"336160652653341782677047496187658732973", "length":434}, "id":"PUB-A-259942964-f1f1232a", "match_only_versions":["13-next"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642", "target":{"file":"services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java", "function":"setProfileName"}}]}}, {"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-06-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642"], "severity":"Moderate", "spl":"2023-06-01", "types":["DoS"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["261632806508549377328375700223001763684", "72071718042071190986683616560344911631", "249579893198889923221703755640549339828", "32977824350968205327085866770411269575", "207985399631430165261605392140189796283", "302998431240077100762269125275940416996", "40645136330168600440795433057896396955", "112184475321408415755340114980368957769"], "threshold":0.9}, "id":"PUB-A-259942964-260ad326", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642", "target":{"file":"services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java"}}, {"deprecated":false, "digest":{"function_hash":"336160652653341782677047496187658732973", "length":434}, "id":"PUB-A-259942964-85a857f8", "match_only_versions":["13"], "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/189b1157bd751e9fa01e4084c91f703c8f4af642", "target":{"file":"services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java", "function":"setProfileName"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-06-01"}]}