{"id":"PUB-A-261085213","details":"In verifyInputEvent of InputDispatcher.cpp, there is a possible way to conduct click fraud due to side channel information disclosure. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-261085213","CVE-2023-21171"],"modified":"2026-05-29T15:55:33.750044621Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/frameworks/native","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"vanir_signatures":[{"deprecated":false,"target":{"file":"services/inputflinger/dispatcher/InputDispatcher.cpp","function":"InputDispatcher::verifyInputEvent"},"signature_version":"v1","id":"PUB-A-261085213-0d5e7b25","match_only_versions":["13-next"],"digest":{"length":839,"function_hash":"126951636093306267955210735427030098592"},"source":"https://android.googlesource.com/platform/frameworks/native/+/1573a67beda9ae3d940002dcf9150e10567a27fa","signature_type":"Function"},{"source":"https://android.googlesource.com/platform/frameworks/native/+/1573a67beda9ae3d940002dcf9150e10567a27fa","digest":{"threshold":0.9,"line_hashes":["172975099552906943636645555090970561106","16129554178344397025188992391172521759","143453366243382552586464281014762439519","71350515929860112950938380677892398847","15858127591312972650174939353454411654","328697675169440540323019445779150509594","60900883573293013481713867900584301640","11227039276832198482627820593879788695"]},"deprecated":false,"target":{"file":"services/inputflinger/dispatcher/InputDispatcher.cpp"},"signature_version":"v1","id":"PUB-A-261085213-86e90f99","signature_type":"Line"}],"spl":"2023-06-01","types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/native/+/1573a67beda9ae3d940002dcf9150e10567a27fa"],"severity":"Moderate"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261085213.json"}},{"package":{"name":"platform/frameworks/native","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/frameworks/native/+/ca8d670c1656a6a47ef0f31fdfe1744d75fe5543","deprecated":false,"target":{"file":"services/inputflinger/dispatcher/InputDispatcher.cpp"},"digest":{"threshold":0.9,"line_hashes":["303824300990581220001874590490052397503","148550793917289462821925400875386459930","153288540937192761921651348382116884854","42682234385141022261403227674243883843","15858127591312972650174939353454411654","328697675169440540323019445779150509594","60900883573293013481713867900584301640","11227039276832198482627820593879788695"]},"id":"PUB-A-261085213-047fdbf4","signature_type":"Line"},{"deprecated":false,"target":{"file":"services/inputflinger/dispatcher/InputDispatcher.cpp","function":"InputDispatcher::verifyInputEvent"},"signature_version":"v1","id":"PUB-A-261085213-5703c03c","match_only_versions":["13"],"digest":{"length":839,"function_hash":"126951636093306267955210735427030098592"},"signature_type":"Function","source":"https://android.googlesource.com/platform/frameworks/native/+/ca8d670c1656a6a47ef0f31fdfe1744d75fe5543"}],"severity":"Moderate","types":["EoP"],"fixes":["https://android.googlesource.com/platform/frameworks/native/+/ca8d670c1656a6a47ef0f31fdfe1744d75fe5543"],"spl":"2023-06-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261085213.json"}}],"schema_version":"1.7.5"}