In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Wed, 21 Aug 2024 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-284 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-02-16T00:08:17.660Z
Updated: 2024-08-21T20:12:35.267Z
Reserved: 2023-11-16T22:59:16.345Z
Link: CVE-2024-0036
Vulnrichment
Updated: 2024-08-01T17:41:15.513Z
NVD
Status : Awaiting Analysis
Published: 2024-02-16T02:15:51.047
Modified: 2024-08-21T21:35:03.820
Link: CVE-2024-0036
Redhat
No data.