Android UserController Lock Screen Bypass Vulnerability Allowing Privilege Escalation

A race condition vulnerability has been identified in the UserController component of the Android framework. This issue allows for a lock screen bypass, potentially leading to unauthorized access to privileged operations. The vulnerability exists in multiple versions of the Android framework, specifically within the UserController.java file, and can be exploited without any additional permissions or user interaction.

Impact

Exploitation of this vulnerability can cause a lock screen bypass, allowing unauthorized access to privileged operations.

Reproduction

The vulnerability can be reproduced by switching users on a device with a security lock, such as a pattern, pin, or password. The race condition occurs when the system user is started in the background while the main user is in the foreground, causing a collision that bypasses the lock screen.

Remediation

Users can update to the latest version of Android to address this vulnerability. Instructions for checking and updating the Android version are available on the Google Support website.