Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite "Lazy Bundle" mitigation
Mysterious patch Let's start this time with the patch that appeared as fix for CVE-2023-45777 in Android Security Bulletin: diff --git a/services/core/java/com/android/server/accounts/AccountManagerServicejava b/services/core/java/com/android/server/accounts/AccountManagerServicejava index 7a19d034c2c85238595fe2a2 100644 --- a/services/core/java/com/android/server/acco