Name of the Vulnerable Software and Affected Versions:

TvSettings (affected versions not specified)

Description:

A TOCTOU race condition exists in `AppRestrictionsFragment.java` that allows an attacker to start a malicious activity within the Settings application's system-uid context, leading to the potential for launching any application. This occurs because of a time window between the verification of an `Intent` and its subsequent use, enabling manipulation of the target component's state and bypassing the original security checks.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.