{"id":"ASB-A-282934003","details":"In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way for an app in the work profile to enable notification listener services due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-282934003","CVE-2024-0021"],"modified":"2026-04-17T15:55:28.020024Z","published":"2024-01-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-01-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/apps/Settings/+/53ea491d276f9a7c586c7983c08105a9bb7051f1"}],"affected":[{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-01-01"}]}],"versions":["14-next"],"ecosystem_specific":{"severity":"High","types":["EoP"],"vanir_signatures":[{"digest":{"length":1562,"function_hash":"268706452313105839074377310576546791462"},"signature_version":"v1","id":"ASB-A-282934003-0b9cd9a6","signature_type":"Function","deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java","function":"onCreate"},"source":"https://android.googlesource.com/platform/packages/apps/Settings/+/81893c2b6f0743e7786ee133922c68834e3a4e16"},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/81893c2b6f0743e7786ee133922c68834e3a4e16","signature_type":"Line","match_only_versions":["14-next"],"deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java"},"id":"ASB-A-282934003-4c90ddc3","digest":{"threshold":0.9,"line_hashes":["141125589436156041550188020170899070230","189901099933642250180019973863969523683","250312331729976333671901728645612126099","256592621761953045054844125149111820352","328114276595521853336613073004655899917","99092410661102412195360826873398395171","106690650067377600027213558808887643996","129862251475411717454851089808599565352","338911370750416462991039382607241916756","18667552456110097476006100751115697760","234420497786260799882938670269203074949","670885048613224778447063327399056270","288164006759065311165720142323170438788","284657056903129495323993162796269650707","180999594832339457430556394504017846426","313748135233278133443002180413946279729","5431729472395377463904258632464127786","227914988771848882785915537835552047176","322723144746729239398803183088394396902","272035388686031757363134998249435411377"]}}],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/81893c2b6f0743e7786ee133922c68834e3a4e16"],"spl":"2024-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-282934003.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-01-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/3465535747643a64e7b5b88f43ced06492ad5264","signature_type":"Line","match_only_versions":["13"],"deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java"},"id":"ASB-A-282934003-626e7ef0","digest":{"threshold":0.9,"line_hashes":["141125589436156041550188020170899070230","189901099933642250180019973863969523683","250312331729976333671901728645612126099","256592621761953045054844125149111820352","328114276595521853336613073004655899917","99092410661102412195360826873398395171","106690650067377600027213558808887643996","129862251475411717454851089808599565352","338911370750416462991039382607241916756","18667552456110097476006100751115697760","234420497786260799882938670269203074949","670885048613224778447063327399056270","288164006759065311165720142323170438788","284657056903129495323993162796269650707","180999594832339457430556394504017846426","313748135233278133443002180413946279729","5431729472395377463904258632464127786","227914988771848882785915537835552047176","322723144746729239398803183088394396902","272035388686031757363134998249435411377"]}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/3465535747643a64e7b5b88f43ced06492ad5264","signature_type":"Function","match_only_versions":["13"],"deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java","function":"onCreate"},"id":"ASB-A-282934003-9cf5735f","digest":{"length":1654,"function_hash":"206317504436942739198941523319335007103"}}],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/3465535747643a64e7b5b88f43ced06492ad5264"],"spl":"2024-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-282934003.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-01-01"}]}],"versions":["14"],"ecosystem_specific":{"severity":"High","types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/aa122da7d604900986531cabac1f72e6f1989268","signature_type":"Function","match_only_versions":["14"],"deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java","function":"onCreate"},"id":"ASB-A-282934003-2c24ac71","digest":{"length":1654,"function_hash":"206317504436942739198941523319335007103"}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/aa122da7d604900986531cabac1f72e6f1989268","signature_type":"Line","match_only_versions":["14"],"deprecated":false,"target":{"file":"src/com/android/settings/notification/NotificationAccessConfirmationActivity.java"},"id":"ASB-A-282934003-3fb4efb8","digest":{"threshold":0.9,"line_hashes":["141125589436156041550188020170899070230","189901099933642250180019973863969523683","250312331729976333671901728645612126099","256592621761953045054844125149111820352","328114276595521853336613073004655899917","99092410661102412195360826873398395171","106690650067377600027213558808887643996","129862251475411717454851089808599565352","338911370750416462991039382607241916756","18667552456110097476006100751115697760","234420497786260799882938670269203074949","670885048613224778447063327399056270","288164006759065311165720142323170438788","284657056903129495323993162796269650707","180999594832339457430556394504017846426","313748135233278133443002180413946279729","5431729472395377463904258632464127786","227914988771848882785915537835552047176","322723144746729239398803183088394396902","272035388686031757363134998249435411377"]}}],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/aa122da7d604900986531cabac1f72e6f1989268"],"spl":"2024-01-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-282934003.json"}}],"schema_version":"1.7.5"}