{"id":"ASB-A-279055389","details":"In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-279055389","CVE-2023-40093"],"modified":"2026-05-01T15:24:27.653932Z","published":"2024-02-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-02-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/external/pdfium/+/03925281cf25fec70318bf2225356d022b12b566"},{"type":"FIX","url":"https://android.googlesource.com/platform/cts/+/a952c93009cc81c41a086d73a4030a83b7683a04"}],"affected":[{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-02-01"}]}],"versions":["14-next"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/2da6166a42950cb9a94289472da846e2d6842c64"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-02-01"}]}],"versions":["14-next"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/0712eae5bb0bce5ae0027c680373a412fcbfeac1"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2024-02-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/ba1ada191974e23642562437a167160f4baa2e94"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2024-02-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/3e2fb7d98efb4ba7b51fd84e9a0ae04f8c0f7805"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2024-02-01"}]}],"versions":["12"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/75bd8508b7040f33aed77945d5dfe2dfed4a071c"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2024-02-01"}]}],"versions":["12"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/9be8c8c38972f6dbca94e38e0ce1e8a816639126"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2024-02-01"}]}],"versions":["12L"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/61972504f83e3ffe089082cfe323bdd67c48d346"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2024-02-01"}]}],"versions":["12L"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/00a8f89dd8fd35348675de637a841db43fb807e1"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-02-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/4a4e992e9f3af9ea5dc71d725abb599dadbdd5e1"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-02-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/6edbc4e74a73f9cd4256ceb47b77a34ba87df890"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/cts","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-02-01"}]}],"versions":["14"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/cts/+/382f9d1045692f7bc6949d029827f070c21cf53c"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}},{"package":{"name":"platform/external/pdfium","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-02-01"}]}],"versions":["14"],"ecosystem_specific":{"spl":"2024-02-01","fixes":["https://android.googlesource.com/platform/external/pdfium/+/bd17c0b8cf8436f15500ecf027db133b666141d6"],"severity":"High","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-279055389.json"}}],"schema_version":"1.7.5"}