We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Reserved 2024-08-05 | Published 2024-11-13 | Updated 2024-11-13 | Assigner google_androidDate added 2024-11-07 | Due date 2024-11-28
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Elevation of privilege
android.googlesource.com/...22019f7ed8e3f80bd6cd16f8bcb809ed
source.android.com/security/bulletin/2024-11-01
Support options