In Content Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2023-10-30T16:56:28.113Z

Updated: 2024-09-06T20:31:32.237Z

Reserved: 2022-11-03T22:37:50.657Z

Link: CVE-2023-21304

cve-icon Vulnrichment

Updated: 2024-08-02T09:36:33.259Z

cve-icon NVD

Status : Modified

Published: 2023-10-30T17:15:48.153

Modified: 2024-11-21T07:42:36.337

Link: CVE-2023-21304

cve-icon Redhat

No data.