In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CPE | Name | Operator | Version |
---|---|---|---|
platform/frameworks/base | eq | 9 | |
platform/frameworks/base | eq | 10 | |
platform/frameworks/base | eq | 8.1 | |
platform/frameworks/base | eq | 8.0 |
android.googlesource.com/platform/frameworks/base/+/36bcc77337814d4d36e2b10eb062ac417d91611e
android.googlesource.com/platform/frameworks/base/+/4236b3e88fe444e2fbec7aa564fccf8b57c071dd
android.googlesource.com/platform/frameworks/base/+/6de34f8ee714691dbc3c089245bf832006826ebe
android.googlesource.com/platform/frameworks/base/+/8669ef385780b8415412407deec85539a1e7db98
android.googlesource.com/platform/frameworks/base/+/ee11625bb707c3512d4e44a35cc85b0bd14a2478
source.android.com/security/bulletin/2021-02-01