{"id":"ASB-A-321707289","details":"In multiple functions of ManagedServices.java, there is a possible way to hide an app with notification access in the Device & app notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-321707289","CVE-2024-31315"],"modified":"2026-05-25T16:46:24.913870386Z","published":"2024-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-06-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/a9ee2793068235ff423d08cc0964870c054d1983"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-06-01"}]}],"versions":["14-next"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/24b13a64f9f5e5aa7f45a2132806d6c74e2c62dc"],"vanir_signatures":[{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"setComponentState"},"source":"https://android.googlesource.com/platform/frameworks/base/+/24b13a64f9f5e5aa7f45a2132806d6c74e2c62dc","id":"ASB-A-321707289-05fa6f27","deprecated":false,"digest":{"function_hash":"176010394672974903434547082176820691610","length":693},"signature_type":"Function"},{"id":"ASB-A-321707289-7469abbe","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onPackagesChanged"},"source":"https://android.googlesource.com/platform/frameworks/base/+/24b13a64f9f5e5aa7f45a2132806d6c74e2c62dc","signature_version":"v1","deprecated":false,"digest":{"function_hash":"229950929015278584877600561886505014168","length":940},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/24b13a64f9f5e5aa7f45a2132806d6c74e2c62dc","id":"ASB-A-321707289-d0540441","deprecated":false,"digest":{"line_hashes":["152303493496164106993508217458791425448","293024467803048602783671393358372889998","167711720702613334418160598647096415039","68246696124458944715730796709363847590","69708732860108615120195013669010050452","244343812561111275064249697635359288626","317544238217348317533770471570179600951","284478297656767108615677716558087375748","201236183401507526611160167321191161749","335094403533608012732064102159895130936","334356737293272457120632885049443988790","230896710341241745884769570330133944470","296572368232336038852987321402268259718","52708761859064086041316880730002712181","121802422230884942805737408235464363024","277609554391100563659469041400340068545","320048998394571919205374545124804188238","117542800629091504206293633319788798938","182042970821058783378959716167563155707","332552433957842168520577496045970242517"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"reregisterService"},"source":"https://android.googlesource.com/platform/frameworks/base/+/24b13a64f9f5e5aa7f45a2132806d6c74e2c62dc","id":"ASB-A-321707289-e106de26","deprecated":false,"digest":{"function_hash":"48146926082586809216213694168029800596","length":187},"signature_type":"Function"}],"types":["EoP"],"spl":"2024-06-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-321707289.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2024-06-01"}]}],"versions":["12"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b"],"vanir_signatures":[{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onBindingDied"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-3e7013c7","deprecated":false,"digest":{"function_hash":"320093192143236289203342909762808159160","length":598},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onPackagesChanged"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-480cd1f8","deprecated":false,"digest":{"function_hash":"192336863642496734433167734263955820300","length":939},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"setComponentState"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-a90a270c","deprecated":false,"digest":{"function_hash":"39711596733418396887008264586147545861","length":824},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"bindToServices"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-bb54f311","deprecated":false,"digest":{"function_hash":"178115908562044093929218278313571861553","length":942},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-cca1ffe7","deprecated":false,"digest":{"line_hashes":["31769142583888548277355494667763492658","285487520872550322520181597469876542055","234722465802979851089999670590487071788","151531324420244205223003109005997140161","152303493496164106993508217458791425448","293024467803048602783671393358372889998","167711720702613334418160598647096415039","68246696124458944715730796709363847590","69708732860108615120195013669010050452","244343812561111275064249697635359288626","317544238217348317533770471570179600951","194985149393710453063798579785860567545","208073526586049272742959548160247797243","335094403533608012732064102159895130936","334356737293272457120632885049443988790","230896710341241745884769570330133944470","296572368232336038852987321402268259718","52708761859064086041316880730002712181","121802422230884942805737408235464363024","252612840188907347837544733225809253320","337065264594934912558541984342368156296","153583833421018841074491821404370808357","170983692817841132315804265458818598093","297696893416529472000891797047558487008","265751234673807008285943659380938213070","296891617540037407479279252774196866836","30193687297089323045021069195050921564","53082802774081885289692949177909819579","256383426548737893600677502520653938216","90760795303840629125857470034275504304","6450013768136652677605073675109047155","78784904969248623331296578534586289855","134129869797790852107032613742483523786","81237659126899808356603115330609854013","184458020470164500021016940945777250651","139811076572872476943357174212841150038","87080436928259451961096335354450676342","140444440719364636830158694010545523693","137350934884733696968924089995169383131","43009027161536069119658792017514505064","47495948853733034448376449120758456793","65221699845414800303186112052394515284","57003957046710600171636214398882250980","108587633537507210242609878158511307392","163259392130042934327688612239900190215","205445330194672173156666769050352321856","113052317121445173330681684237127512467","197578699197503212693253517123317891653","267963987975675852151668709428127653253","244697827775807681305144048232131764982","71380690434231944391892866383159023063","132549371893741658007276281779035057888","264110940628696633185995086591635414863","323667117287237336041918968005809259096"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"registerServiceLocked"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-e5627d12","deprecated":false,"digest":{"function_hash":"237475718620824192536635296691531044694","length":3460},"signature_type":"Function"}],"types":["EoP"],"spl":"2024-06-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-321707289.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2024-06-01"}]}],"versions":["12L"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b"],"vanir_signatures":[{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"registerServiceLocked"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-12345486","deprecated":false,"digest":{"function_hash":"237475718620824192536635296691531044694","length":3460},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"bindToServices"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-61964a33","deprecated":false,"digest":{"function_hash":"178115908562044093929218278313571861553","length":942},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"setComponentState"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-b5c3f6d4","deprecated":false,"digest":{"function_hash":"39711596733418396887008264586147545861","length":824},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onPackagesChanged"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-b817e041","deprecated":false,"digest":{"function_hash":"192336863642496734433167734263955820300","length":939},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onBindingDied"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-ba609545","deprecated":false,"digest":{"function_hash":"320093192143236289203342909762808159160","length":598},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/0c15cdfdd4720efb72c3244a044bb27e2c286c4b","id":"ASB-A-321707289-e46dffa0","deprecated":false,"digest":{"line_hashes":["31769142583888548277355494667763492658","285487520872550322520181597469876542055","234722465802979851089999670590487071788","151531324420244205223003109005997140161","152303493496164106993508217458791425448","293024467803048602783671393358372889998","167711720702613334418160598647096415039","68246696124458944715730796709363847590","69708732860108615120195013669010050452","244343812561111275064249697635359288626","317544238217348317533770471570179600951","194985149393710453063798579785860567545","208073526586049272742959548160247797243","335094403533608012732064102159895130936","334356737293272457120632885049443988790","230896710341241745884769570330133944470","296572368232336038852987321402268259718","52708761859064086041316880730002712181","121802422230884942805737408235464363024","252612840188907347837544733225809253320","337065264594934912558541984342368156296","153583833421018841074491821404370808357","170983692817841132315804265458818598093","297696893416529472000891797047558487008","265751234673807008285943659380938213070","296891617540037407479279252774196866836","30193687297089323045021069195050921564","53082802774081885289692949177909819579","256383426548737893600677502520653938216","90760795303840629125857470034275504304","6450013768136652677605073675109047155","78784904969248623331296578534586289855","134129869797790852107032613742483523786","81237659126899808356603115330609854013","184458020470164500021016940945777250651","139811076572872476943357174212841150038","87080436928259451961096335354450676342","140444440719364636830158694010545523693","137350934884733696968924089995169383131","43009027161536069119658792017514505064","47495948853733034448376449120758456793","65221699845414800303186112052394515284","57003957046710600171636214398882250980","108587633537507210242609878158511307392","163259392130042934327688612239900190215","205445330194672173156666769050352321856","113052317121445173330681684237127512467","197578699197503212693253517123317891653","267963987975675852151668709428127653253","244697827775807681305144048232131764982","71380690434231944391892866383159023063","132549371893741658007276281779035057888","264110940628696633185995086591635414863","323667117287237336041918968005809259096"],"threshold":0.9},"signature_type":"Line"}],"types":["EoP"],"spl":"2024-06-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-321707289.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-06-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"id":"ASB-A-321707289-5cc592b1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"registerServiceLocked"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","signature_version":"v1","deprecated":false,"digest":{"function_hash":"26205384714736715407603288220563005721","length":3455},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onBindingDied"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","id":"ASB-A-321707289-6bf8d94a","deprecated":false,"digest":{"function_hash":"320093192143236289203342909762808159160","length":598},"signature_type":"Function"},{"id":"ASB-A-321707289-8cdc8d40","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"bindToServices"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","signature_version":"v1","deprecated":false,"digest":{"function_hash":"178115908562044093929218278313571861553","length":942},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"setComponentState"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","id":"ASB-A-321707289-b80ccb32","deprecated":false,"digest":{"function_hash":"4733210469537882213085819753060676815","length":692},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","id":"ASB-A-321707289-d5f40594","deprecated":false,"digest":{"line_hashes":["152303493496164106993508217458791425448","293024467803048602783671393358372889998","167711720702613334418160598647096415039","68246696124458944715730796709363847590","69708732860108615120195013669010050452","244343812561111275064249697635359288626","317544238217348317533770471570179600951","284478297656767108615677716558087375748","201236183401507526611160167321191161749","335094403533608012732064102159895130936","334356737293272457120632885049443988790","230896710341241745884769570330133944470","296572368232336038852987321402268259718","52708761859064086041316880730002712181","121802422230884942805737408235464363024","252612840188907347837544733225809253320","337065264594934912558541984342368156296","153583833421018841074491821404370808357","170983692817841132315804265458818598093","297696893416529472000891797047558487008","265751234673807008285943659380938213070","296891617540037407479279252774196866836","30193687297089323045021069195050921564","53082802774081885289692949177909819579","256383426548737893600677502520653938216","90760795303840629125857470034275504304","6450013768136652677605073675109047155","78784904969248623331296578534586289855","134129869797790852107032613742483523786","81237659126899808356603115330609854013","184458020470164500021016940945777250651","139811076572872476943357174212841150038","87080436928259451961096335354450676342","140444440719364636830158694010545523693","137350934884733696968924089995169383131","43009027161536069119658792017514505064","47495948853733034448376449120758456793","65221699845414800303186112052394515284","57003957046710600171636214398882250980","108587633537507210242609878158511307392","163259392130042934327688612239900190215","205445330194672173156666769050352321856","113052317121445173330681684237127512467","197578699197503212693253517123317891653","267963987975675852151668709428127653253","244697827775807681305144048232131764982","71380690434231944391892866383159023063","132549371893741658007276281779035057888","264110940628696633185995086591635414863","323667117287237336041918968005809259096"],"threshold":0.9},"signature_type":"Line"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onPackagesChanged"},"source":"https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc","id":"ASB-A-321707289-fb3be466","deprecated":false,"digest":{"function_hash":"192336863642496734433167734263955820300","length":939},"signature_type":"Function"}],"types":["EoP"],"spl":"2024-06-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/f126be35f4b9f179dbb957ec56ca80b12f47abdc"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-321707289.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-06-01"}]}],"versions":["14"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/4d4224c1b9f87a156324153854a1567e842ecb22"],"vanir_signatures":[{"id":"ASB-A-321707289-10653114","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"setComponentState"},"source":"https://android.googlesource.com/platform/frameworks/base/+/4d4224c1b9f87a156324153854a1567e842ecb22","signature_version":"v1","deprecated":false,"digest":{"function_hash":"176010394672974903434547082176820691610","length":693},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"reregisterService"},"source":"https://android.googlesource.com/platform/frameworks/base/+/4d4224c1b9f87a156324153854a1567e842ecb22","id":"ASB-A-321707289-1691bb57","deprecated":false,"digest":{"function_hash":"48146926082586809216213694168029800596","length":187},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java","function":"onPackagesChanged"},"source":"https://android.googlesource.com/platform/frameworks/base/+/4d4224c1b9f87a156324153854a1567e842ecb22","id":"ASB-A-321707289-44b1ace5","deprecated":false,"digest":{"function_hash":"229950929015278584877600561886505014168","length":940},"signature_type":"Function"},{"signature_version":"v1","target":{"file":"services/core/java/com/android/server/notification/ManagedServices.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/4d4224c1b9f87a156324153854a1567e842ecb22","id":"ASB-A-321707289-c5b6393b","deprecated":false,"digest":{"line_hashes":["152303493496164106993508217458791425448","293024467803048602783671393358372889998","167711720702613334418160598647096415039","68246696124458944715730796709363847590","69708732860108615120195013669010050452","244343812561111275064249697635359288626","317544238217348317533770471570179600951","284478297656767108615677716558087375748","201236183401507526611160167321191161749","335094403533608012732064102159895130936","334356737293272457120632885049443988790","230896710341241745884769570330133944470","296572368232336038852987321402268259718","52708761859064086041316880730002712181","121802422230884942805737408235464363024","277609554391100563659469041400340068545","320048998394571919205374545124804188238","117542800629091504206293633319788798938","182042970821058783378959716167563155707","332552433957842168520577496045970242517"],"threshold":0.9},"signature_type":"Line"}],"types":["EoP"],"spl":"2024-06-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-321707289.json"}}],"schema_version":"1.7.5"}