ASB-A-336976105
See a problem?- Import Source
- https://storage.googleapis.com/android-osv-test/ASB-A-336976105.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-336976105
- Aliases
-
- A-336976105
- CVE-2024-40659
- Published
- 2024-09-01T00:00:00Z
- Modified
- 2024-10-23T16:43:06.926828Z
- Summary
- [none]
- Details
-
In getRegistration of RemoteProvisioningService.java, there is a possible way to permanently disable the AndroidKeyStore key generation feature by updating the attestation keys of all installed apps due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/frameworks/base
Package
Android / platform/packages/modules/Permission
Package
Android / platform/packages/modules/RemoteKeyProvisioning
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1210.0,
"function_hash": "234841824562288729416319276645598306787"
},
"id": "ASB-A-336976105-70398ea5",
"source": "https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/20922a9eb1721b23c1d75c811fda0c3cf7d0a4cf",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "app/src/com/android/rkpdapp/service/RemoteProvisioningService.java",
"function": "getRegistration"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"132800871280003918694670160317042139162",
"190884303207015156163118594245004016198",
"204975416451531807782764659610410548911",
"66434609003460990096378821732044406984",
"142937898931828598430970364491931271198",
"161734595346689671121384731744033137378",
"71119018193104367833081393186010998618",
"66728635047074922466260773775375642219"
]
},
"id": "ASB-A-336976105-7f4337c6",
"source": "https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/20922a9eb1721b23c1d75c811fda0c3cf7d0a4cf",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "app/src/com/android/rkpdapp/service/RemoteProvisioningService.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/20922a9eb1721b23c1d75c811fda0c3cf7d0a4cf"
],
"spl": "2024-09-01",
"severity": "High",
"types": [
"DoS"
]
}
Android / platform/packages/modules/RemoteKeyProvisioning
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 1142.0,
"function_hash": "277747717543683618016291332200748615377"
},
"id": "ASB-A-336976105-5d83bd67",
"source": "https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/d9c9db03fae63ac16d76cd68450e78c4a9285104",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "app/src/com/android/rkpdapp/service/RemoteProvisioningService.java",
"function": "getRegistration"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"132800871280003918694670160317042139162",
"190884303207015156163118594245004016198",
"204975416451531807782764659610410548911",
"66434609003460990096378821732044406984",
"142937898931828598430970364491931271198",
"161734595346689671121384731744033137378",
"71119018193104367833081393186010998618",
"66728635047074922466260773775375642219"
]
},
"id": "ASB-A-336976105-bac914fa",
"source": "https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/d9c9db03fae63ac16d76cd68450e78c4a9285104",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "app/src/com/android/rkpdapp/service/RemoteProvisioningService.java"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/RemoteKeyProvisioning/+/d9c9db03fae63ac16d76cd68450e78c4a9285104"
],
"spl": "2024-09-01",
"severity": "High",
"types": [
"DoS"
]
}