{"id":"ASB-A-228450832","details":"In extractRelativePath of FileUtils.java, there is a possible way to access files in a directory belonging to other applications due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-228450832","CVE-2023-21093"],"modified":"2026-04-10T16:16:18.068628Z","published":"2023-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8e3c6bd122b2e42fd4a35659438060caa5448784"}],"affected":[{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-04-01"}]}],"versions":["13-next"],"ecosystem_specific":{"spl":"2023-04-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/798fa4b89e154877e4ddafc3894eb8275a74eb7e"],"types":["EoP"],"severity":"High","vanir_signatures":[{"target":{"file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-4ff3c90f","digest":{"line_hashes":["206188904398887157952849569299816887768","294715035373445758583643144815576799072","160515729426048839210765872878504830984","64249307036594502547115617933033992750","31929445247905290476559195036969378820","227227288452679631525890011656619600363","157133681087591560378184964094355114139"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/798fa4b89e154877e4ddafc3894eb8275a74eb7e","exact_target_file_match_only":true},{"target":{"function":"extractRelativePath","file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-8ca49847","digest":{"length":392,"function_hash":"186571651556252326343810402849572478373"},"deprecated":false,"signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/798fa4b89e154877e4ddafc3894eb8275a74eb7e","exact_target_file_match_only":true}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-228450832.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-04-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2023-04-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/0f59f42685f186fd207355c01c580038436713ba"],"types":["EoP"],"severity":"High","vanir_signatures":[{"target":{"function":"extractRelativePath","file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-07b00f00","digest":{"length":392,"function_hash":"186571651556252326343810402849572478373"},"deprecated":false,"signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/0f59f42685f186fd207355c01c580038436713ba","exact_target_file_match_only":true},{"target":{"file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-7e7e3db8","digest":{"line_hashes":["206188904398887157952849569299816887768","294715035373445758583643144815576799072","160515729426048839210765872878504830984","64249307036594502547115617933033992750","31929445247905290476559195036969378820","327483409690538881822271074525609590913","58494975484443663623447151996032049150"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/0f59f42685f186fd207355c01c580038436713ba","exact_target_file_match_only":true}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-228450832.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-04-01"}]}],"versions":["12"],"ecosystem_specific":{"spl":"2023-04-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/43b718413e30fc2525bacfc4f9291e7998ad467d"],"types":["EoP"],"severity":"High","vanir_signatures":[{"target":{"function":"extractRelativePath","file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-a121c282","digest":{"length":392,"function_hash":"186571651556252326343810402849572478373"},"deprecated":false,"signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/43b718413e30fc2525bacfc4f9291e7998ad467d","exact_target_file_match_only":true},{"target":{"file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-cb7efb17","digest":{"line_hashes":["206188904398887157952849569299816887768","294715035373445758583643144815576799072","160515729426048839210765872878504830984","64249307036594502547115617933033992750","31929445247905290476559195036969378820","216381434451874399883716768998548753683","67285741456772442012070940876174401461"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/43b718413e30fc2525bacfc4f9291e7998ad467d","exact_target_file_match_only":true}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-228450832.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-04-01"}]}],"versions":["12L"],"ecosystem_specific":{"spl":"2023-04-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/cadac8cdf43ff1854da9b2013dd34f086df724d7"],"types":["EoP"],"severity":"High","vanir_signatures":[{"target":{"file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-a383de1e","digest":{"line_hashes":["206188904398887157952849569299816887768","294715035373445758583643144815576799072","160515729426048839210765872878504830984","64249307036594502547115617933033992750","31929445247905290476559195036969378820","216381434451874399883716768998548753683","67285741456772442012070940876174401461"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/cadac8cdf43ff1854da9b2013dd34f086df724d7","exact_target_file_match_only":true},{"target":{"function":"extractRelativePath","file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-b0222b9d","digest":{"length":392,"function_hash":"186571651556252326343810402849572478373"},"deprecated":false,"signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/cadac8cdf43ff1854da9b2013dd34f086df724d7","exact_target_file_match_only":true}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-228450832.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-04-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2023-04-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/1426f04cd2b4940f9308432d37cc4ef79a7d8340"],"types":["EoP"],"severity":"High","vanir_signatures":[{"target":{"function":"extractRelativePath","file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-30167f3d","digest":{"length":392,"function_hash":"186571651556252326343810402849572478373"},"deprecated":false,"signature_type":"Function","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/1426f04cd2b4940f9308432d37cc4ef79a7d8340","exact_target_file_match_only":true},{"target":{"file":"src/com/android/providers/media/util/FileUtils.java"},"id":"ASB-A-228450832-317baae8","digest":{"line_hashes":["206188904398887157952849569299816887768","294715035373445758583643144815576799072","160515729426048839210765872878504830984","64249307036594502547115617933033992750","31929445247905290476559195036969378820","227227288452679631525890011656619600363","157133681087591560378184964094355114139"],"threshold":0.9},"deprecated":false,"signature_type":"Line","signature_version":"v1","source":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/1426f04cd2b4940f9308432d37cc4ef79a7d8340","exact_target_file_match_only":true}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-228450832.json"}}],"schema_version":"1.7.5"}