In PackageManagerNative, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2023-10-30T16:18:54.387Z

Updated: 2024-09-06T20:34:29.171Z

Reserved: 2022-11-03T22:37:50.656Z

Link: CVE-2023-21293

cve-icon Vulnrichment

Updated: 2024-08-02T09:36:33.157Z

cve-icon NVD

Status : Modified

Published: 2023-10-30T17:15:47.670

Modified: 2024-11-21T07:42:34.943

Link: CVE-2023-21293

cve-icon Redhat

No data.