{"id":"ASB-A-327748846","details":"In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is a possible way to bypass factory reset protections due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-327748846","CVE-2024-40677"],"modified":"2026-04-21T15:25:42.831358Z","published":"2024-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-10-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/apps/Settings/+/db26138f07db830e3fb78283d37de3c0296d93cb"}],"affected":[{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15-next:0"},{"fixed":"15-next:2024-10-01"}]}],"versions":["15-next"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["173742608912177889996049081985644185988","242069008596781188726167804369143583846","61098438079244257226418625646337190060","65923295713847155193093310095272517672"],"threshold":0.9},"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/419a6a907902a12a0f565c808fa70092004d6686","target":{"file":"src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java"},"signature_type":"Line","id":"ASB-A-327748846-e622f21b","deprecated":false}],"spl":"2024-10-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/419a6a907902a12a0f565c808fa70092004d6686"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-327748846.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2024-10-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["286322097445266739145543311155003837512","321011801674606316522895851370294965566","99512104343074754691762376674675942180"],"threshold":0.9},"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/0c097d5c0d32c59c3ea7c802fe964acac7715485","target":{"file":"src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java"},"signature_type":"Line","id":"ASB-A-327748846-713c3ae4","deprecated":false}],"spl":"2024-10-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/0c097d5c0d32c59c3ea7c802fe964acac7715485"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-327748846.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2024-10-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["322080841449399450650276724863565667219","50771059607838656481710027965939493781","61098438079244257226418625646337190060","198877885714282711061690986924463604427"],"threshold":0.9},"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/c9d2588c69ce8df208324634d7cea7db08478bf5","target":{"file":"src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java"},"signature_type":"Line","id":"ASB-A-327748846-93380cd5","deprecated":false}],"spl":"2024-10-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/c9d2588c69ce8df208324634d7cea7db08478bf5"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-327748846.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-10-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["322080841449399450650276724863565667219","50771059607838656481710027965939493781","61098438079244257226418625646337190060","198877885714282711061690986924463604427"],"threshold":0.9},"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/23b88e07244bd49cb50be989110ccd0594e46fb4","target":{"file":"src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java"},"signature_type":"Line","id":"ASB-A-327748846-079a56b8","deprecated":false}],"spl":"2024-10-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/23b88e07244bd49cb50be989110ccd0594e46fb4"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-327748846.json"}},{"package":{"name":"platform/packages/apps/Settings","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-10-01"}]}],"versions":["14"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"line_hashes":["216696167709512814950446931344415427527","242069008596781188726167804369143583846","61098438079244257226418625646337190060","131261859173897395205462984993103168164"],"threshold":0.9},"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/apps/Settings/+/2659f8416cb895c849129699e5f676bc2a431c33","target":{"file":"src/com/android/settings/fuelgauge/AdvancedPowerUsageDetail.java"},"signature_type":"Line","id":"ASB-A-327748846-1d879361","deprecated":false}],"spl":"2024-10-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/packages/apps/Settings/+/2659f8416cb895c849129699e5f676bc2a431c33"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-327748846.json"}}],"schema_version":"1.7.5"}