Preface: The Android operating system is mainly based on Linux, and its kernel is written in C language. Some modifications may have been done using the C++ language.

Background:
Get Group State – Different software uses different way (see below):

• only need to input the queried union information unionID
• need unionID and zoneID; query information about the state of the union binding the group Return information and result:

static void GetGroupState (String unionID, String zoneID = “”, String extraJson = “”) ;

Vulnerability details: In getGroupState of GrantPermissionsViewModel.kt, there is a possible way to keep a one-time permission granted due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

If a permission is split, all permissions the original permission is split into are affected.
For <= N_MR1 apps all permissions of the groups of the requested permissions are affected

Affected Products: AndroidVersions: Android-12 Android-12L Android-13Android

Official announcement: For details, see the link – https://nvd.nist.gov/vuln/detail/CVE-2023-20947