{"id":"ASB-A-277740848","details":"In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-277740848","CVE-2023-21238"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2023-07-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-07-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-07-01"}]}],"versions":["13-next"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0","id":"ASB-A-277740848-57eada37","target":{"file":"core/java/android/widget/RemoteViews.java"}},{"deprecated":false,"signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","id":"ASB-A-277740848-5ea3c7f8","target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}},{"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","id":"ASB-A-277740848-638a6408","target":{"file":"core/java/android/widget/RemoteViews.java"}},{"id":"ASB-A-277740848-96c2507c","signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0","deprecated":false,"target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}}],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","https://android.googlesource.com/platform/frameworks/base/+/d82e19ca7dc95e724cbc8477688818cda33fdba0"],"types":["ID"],"spl":"2023-07-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-277740848.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2023-07-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8","id":"ASB-A-277740848-69894fd5","target":{"file":"core/java/android/widget/RemoteViews.java"}},{"id":"ASB-A-277740848-dc878155","signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8","deprecated":false,"target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}}],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/43e1ae4e0d408604b9e3c18ac0e9bf87529b92a8"],"types":["ID"],"spl":"2023-07-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-277740848.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2023-07-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-277740848-830714f5","signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","deprecated":false,"target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}},{"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","id":"ASB-A-277740848-bb3659f3","target":{"file":"core/java/android/widget/RemoteViews.java"}}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"],"severity":"High","spl":"2023-07-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-277740848.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2023-07-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","id":"ASB-A-277740848-a2f9bb46","target":{"file":"core/java/android/widget/RemoteViews.java"}},{"deprecated":false,"signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","id":"ASB-A-277740848-a5b1e781","target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}}],"severity":"High","fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"],"types":["ID"],"spl":"2023-07-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-277740848.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-07-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-277740848-8289e474","signature_version":"v1","digest":{"length":190,"function_hash":"111810108874556137557640008461423736335"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","deprecated":false,"target":{"function":"visitUris","file":"core/java/android/widget/RemoteViews.java"}},{"id":"ASB-A-277740848-91d1ab5e","signature_version":"v1","digest":{"line_hashes":["18893358093154404341348852068354358806","50423517392454067396854009113314657598","60246086670864434399416018304216395629","193393101714492895223609934779057213903"],"threshold":0.9},"signature_type":"Line","source":"https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69","deprecated":false,"target":{"file":"core/java/android/widget/RemoteViews.java"}}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b4692946c10d11c1e935869e11dc709a9cdcba69"],"severity":"High","spl":"2023-07-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-277740848.json"}}],"schema_version":"1.7.5"}