CVE-2022-20395

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-13

Description The issue is related to a path traversal error in the checkAccess function of MediaProvider.java. This error can lead to a possible file deletion, resulting in local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android versions Android-11 through Android-13, update to a version that includes the fix for the path traversal error in MediaProvider.java. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.