Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Android 安全漏洞
Vulnerability Description
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。 Google Android 存在安全漏洞,该漏洞源于 ParcelableListBinder.java 文件的 onTransact 方法存在逻辑错误,有可能窃取 mAllowlistToken 以从后台启动应用程序。
CVSS Information
N/A
Vulnerability Type
N/A