{"id":"ASB-A-224771621","details":"In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-224771621","CVE-2023-40121"],"modified":"2026-04-24T15:37:38.793646Z","published":"2023-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-10-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/3287ac2d2565dc96bf6177967f8e3aed33954253"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2023-10-01"}]}],"versions":["14-next"],"ecosystem_specific":{"types":["ID"],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/0e371afb3000c499e0781168ec881a47eab93bad"],"spl":"2023-10-01","vanir_signatures":[{"id":"ASB-A-224771621-1b43d100","signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"core/java/android/database/DatabaseUtils.java"},"digest":{"line_hashes":["91430442698769588082946095537832694273","20026852134819942257321237996885029255","40202397281895256590539654412865972135","50951509129200039129727141957125128952","119153895310442971121653871419161057127","233941376171148845727814306014660242510","328591897088368036931992023040705824379","331022390354213500580369461296128589367","99802358205671677310842177324450502666","187295020737331672904278640354158062270","248156025000407165605799185144903196744","179301388443848148578845235787293899387","107870144222067608556514995861480788614","231700832369868250746759799492792043918"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/0e371afb3000c499e0781168ec881a47eab93bad"},{"id":"ASB-A-224771621-7e8b21d9","signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"function":"appendEscapedSQLString","file":"core/java/android/database/DatabaseUtils.java"},"digest":{"length":391,"function_hash":"43765961898805927503019869372948122505"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0e371afb3000c499e0781168ec881a47eab93bad"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-224771621.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-10-01"}]}],"versions":["11"],"ecosystem_specific":{"types":["ID"],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"],"spl":"2023-10-01","vanir_signatures":[{"id":"ASB-A-224771621-08e678a4","signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"core/java/android/database/DatabaseUtils.java"},"digest":{"line_hashes":["91430442698769588082946095537832694273","20026852134819942257321237996885029255","40202397281895256590539654412865972135","50951509129200039129727141957125128952","119153895310442971121653871419161057127","233941376171148845727814306014660242510","328591897088368036931992023040705824379","331022390354213500580369461296128589367","99802358205671677310842177324450502666","187295020737331672904278640354158062270","248156025000407165605799185144903196744","179301388443848148578845235787293899387","107870144222067608556514995861480788614","231700832369868250746759799492792043918"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"},{"id":"ASB-A-224771621-1f3d7e7f","signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"function":"appendEscapedSQLString","file":"core/java/android/database/DatabaseUtils.java"},"digest":{"length":391,"function_hash":"43765961898805927503019869372948122505"},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-224771621.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-10-01"}]}],"versions":["12"],"ecosystem_specific":{"types":["ID"],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"],"spl":"2023-10-01","vanir_signatures":[{"id":"ASB-A-224771621-76b7a6a2","signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"core/java/android/database/DatabaseUtils.java"},"digest":{"line_hashes":["91430442698769588082946095537832694273","20026852134819942257321237996885029255","40202397281895256590539654412865972135","50951509129200039129727141957125128952","119153895310442971121653871419161057127","233941376171148845727814306014660242510","328591897088368036931992023040705824379","331022390354213500580369461296128589367","99802358205671677310842177324450502666","187295020737331672904278640354158062270","248156025000407165605799185144903196744","179301388443848148578845235787293899387","107870144222067608556514995861480788614","231700832369868250746759799492792043918"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"},{"id":"ASB-A-224771621-9d6c69de","signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"function":"appendEscapedSQLString","file":"core/java/android/database/DatabaseUtils.java"},"digest":{"length":391,"function_hash":"43765961898805927503019869372948122505"},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-224771621.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-10-01"}]}],"versions":["12L"],"ecosystem_specific":{"types":["ID"],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"],"spl":"2023-10-01","vanir_signatures":[{"id":"ASB-A-224771621-abf2c345","signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"function":"appendEscapedSQLString","file":"core/java/android/database/DatabaseUtils.java"},"digest":{"length":391,"function_hash":"43765961898805927503019869372948122505"},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"},{"id":"ASB-A-224771621-b12023e7","signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"core/java/android/database/DatabaseUtils.java"},"digest":{"line_hashes":["91430442698769588082946095537832694273","20026852134819942257321237996885029255","40202397281895256590539654412865972135","50951509129200039129727141957125128952","119153895310442971121653871419161057127","233941376171148845727814306014660242510","328591897088368036931992023040705824379","331022390354213500580369461296128589367","99802358205671677310842177324450502666","187295020737331672904278640354158062270","248156025000407165605799185144903196744","179301388443848148578845235787293899387","107870144222067608556514995861480788614","231700832369868250746759799492792043918"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-224771621.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-10-01"}]}],"versions":["13"],"ecosystem_specific":{"types":["ID"],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"],"spl":"2023-10-01","vanir_signatures":[{"id":"ASB-A-224771621-28d4ee58","signature_version":"v1","signature_type":"Line","deprecated":false,"target":{"file":"core/java/android/database/DatabaseUtils.java"},"digest":{"line_hashes":["91430442698769588082946095537832694273","20026852134819942257321237996885029255","40202397281895256590539654412865972135","50951509129200039129727141957125128952","119153895310442971121653871419161057127","233941376171148845727814306014660242510","328591897088368036931992023040705824379","331022390354213500580369461296128589367","99802358205671677310842177324450502666","187295020737331672904278640354158062270","248156025000407165605799185144903196744","179301388443848148578845235787293899387","107870144222067608556514995861480788614","231700832369868250746759799492792043918"],"threshold":0.9},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"},{"id":"ASB-A-224771621-8b04361a","signature_version":"v1","signature_type":"Function","deprecated":false,"target":{"function":"appendEscapedSQLString","file":"core/java/android/database/DatabaseUtils.java"},"digest":{"length":391,"function_hash":"43765961898805927503019869372948122505"},"source":"https://android.googlesource.com/platform/frameworks/base/+/fb4a72e3943d166088407e61aa4439ac349f3f12"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-224771621.json"}}],"schema_version":"1.7.5"}