In Session of AccountManagerService.java, there is a possible method to
retain foreground service privileges due to incorrect handling of null
responses. This could lead to local escalation of privilege with no
additional execution privileges needed. User interaction is not needed for
exploitation.
android.googlesource.com/platform/frameworks/base/+/2c236cde5505ee0e88cf1e3d073e2f1a53f0eede
launchpad.net/bugs/cve/CVE-2024-0048
nvd.nist.gov/vuln/detail/CVE-2024-0048
security-tracker.debian.org/tracker/CVE-2024-0048
source.android.com/security/bulletin/2024-03-01
www.cve.org/CVERecord?id=CVE-2024-0048