{"id":"ASB-A-341680936","details":"In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to  incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.","aliases":["A-341680936","CVE-2024-43093"],"modified":"2026-05-26T15:46:26.044149249Z","published":"2025-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2025-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/frameworks/base/+/7f83c671626f9bf993581f4598c22482d87cba10"}],"affected":[{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15-next:0"},{"fixed":"15-next:2025-03-01"}]}],"versions":["15-next"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-6abff257","signature_version":"v1","signature_type":"Line","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/b91437020051b4f7fb78dbe14b40dd2f7c754f48"},{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-6d48f70b","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/b91437020051b4f7fb78dbe14b40dd2f7c754f48"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/b91437020051b4f7fb78dbe14b40dd2f7c754f48"],"spl":"2025-03-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2025-03-01"}]}],"versions":["12"],"ecosystem_specific":{"severity":"High","vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-924a566b","signature_type":"Line","signature_version":"v1","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/01006f7f97083ae49a546f9e0a94db7bdfd2a152"},{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-ef88540c","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/01006f7f97083ae49a546f9e0a94db7bdfd2a152"}],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/01006f7f97083ae49a546f9e0a94db7bdfd2a152"],"spl":"2025-03-01","types":["EoP"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2025-03-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-22b5a8ba","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/da4b7509afc15cda9195501b41ecc6c5a0670c19"},{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-deeae657","signature_type":"Line","signature_version":"v1","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/da4b7509afc15cda9195501b41ecc6c5a0670c19"}],"types":["EoP"],"severity":"High","spl":"2025-03-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/da4b7509afc15cda9195501b41ecc6c5a0670c19"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"15:0"},{"fixed":"15:2025-03-01"}]}],"versions":["15"],"ecosystem_specific":{"severity":"High","types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/3ebd6405d2e87e6df0887d76470e4b7504bd3a4d"],"spl":"2025-03-01","vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-5f90f593","signature_version":"v1","signature_type":"Line","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/3ebd6405d2e87e6df0887d76470e4b7504bd3a4d"},{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-983dff61","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/3ebd6405d2e87e6df0887d76470e4b7504bd3a4d"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2025-03-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-03fb263a","signature_type":"Line","signature_version":"v1","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/7f1bc271379d97bed56e33f8470992d38bce5531"},{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-d21eec5b","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/7f1bc271379d97bed56e33f8470992d38bce5531"}],"types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/base/+/7f1bc271379d97bed56e33f8470992d38bce5531"],"spl":"2025-03-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}},{"package":{"name":"platform/frameworks/base","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2025-03-01"}]}],"versions":["14"],"ecosystem_specific":{"vanir_signatures":[{"digest":{"threshold":0.9,"line_hashes":["82383509994944209197550046869742228831","92736127983341831571401450139155350602","11178458602711922477761236377671491738","218593904282397687475559102996718449354","163959190879765981841303926269514662985","229395446405442564238235676967819175315","69872619935661865626078323738185575240","176760729794269842001035921457772591482","180111467092620191187509636909841449915","231554190964722082970558902036937057288","209123422967229645531423107889931090188","224765289385384294407017732659433291177","17687126784026348192855174961885991782","189531952909343160028141470373618825497","244758599954022578569552642200938371143","243445143413923747903612479158629299082","229312143133866111910960041947068522991","223098270538101092763464501278079255337","177850502028062498000214868692648001981","25034569560734105328920507087347052786","53072638448672322689479527507176646283","111586911541459156417573305324852249917","332800826803127257022304227152783767803"]},"deprecated":false,"id":"ASB-A-341680936-a468dd1b","signature_version":"v1","signature_type":"Line","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java"},"source":"https://android.googlesource.com/platform/frameworks/base/+/c984c3b842c2b458db2f1a29574af1d137f28143"},{"digest":{"length":207,"function_hash":"297717396204470872634311050904808164171"},"deprecated":false,"id":"ASB-A-341680936-af220e70","signature_version":"v1","signature_type":"Function","target":{"file":"packages/ExternalStorageProvider/src/com/android/externalstorage/ExternalStorageProvider.java","function":"shouldHideDocument"},"source":"https://android.googlesource.com/platform/frameworks/base/+/c984c3b842c2b458db2f1a29574af1d137f28143"}],"types":["EoP"],"severity":"High","spl":"2025-03-01","fixes":["https://android.googlesource.com/platform/frameworks/base/+/c984c3b842c2b458db2f1a29574af1d137f28143"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-341680936.json"}}],"schema_version":"1.7.5"}