{"id":"ASB-A-329631990","details":"In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-329631990","CVE-2026-0009"],"modified":"2026-06-23T15:45:40.410020820Z","published":"2026-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2026-06-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/61808742c17acb107221fa5f0ce998532dbc0bed"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/8a710e8508880a2af058ad93b58b4fe5e770be57"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/providers/MediaProvider/+/f04605de9b68a9301e9ca59b7335cb1978cac792"}],"affected":[{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"17-next:0"},{"fixed":"17-next:2026-06-01"}]}],"versions":["17-next"],"ecosystem_specific":{"spl":"2026-06-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/37726a74bb1fd83f26661755253649bdfc395862","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/0304e031b66fb328bf0b3d8721179452432b26ec","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/c5d89a70a250e3b27952764519000bd7ca98262b","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/bf034ab4e140ba913b1d98e7ca9ecfb652f96973","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/7cdcc3e2ad6ac4acc88e8d7a32fd4f834b93dcf0"],"types":["EoP"],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-329631990.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15:0"},{"fixed":"15:2026-06-01"}]}],"versions":["15"],"ecosystem_specific":{"spl":"2026-06-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/7e93843ccca4e5ebf67dabd24a3311745817289c","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/0f5ff758caec815122ff3048cfd4ed95b84aa00f","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/543afa4a4b315bb13c4f812dd8ad096fd2aa7d4b"],"severity":"High","types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-329631990.json"}},{"package":{"name":"platform/packages/providers/MediaProvider","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"16:0"},{"fixed":"16:2026-06-01"}]}],"versions":["16"],"ecosystem_specific":{"spl":"2026-06-01","fixes":["https://android.googlesource.com/platform/packages/providers/MediaProvider/+/9b753d8558b9c6016026507aa83085f745dd21d3","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/96625b49815d7f7a670d5a71305cbfd533521da1","https://android.googlesource.com/platform/packages/providers/MediaProvider/+/34d5fa2ebd49687140fb1d14bfda5863ae238cfd"],"severity":"High","types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-329631990.json"}}],"schema_version":"1.7.5"}