In SELinux policy, there is a possible way of inferring which websites are being opened in the browser due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-166269532Read More
CVE-2022-20340
![](https://api-security.blog/wp-content/uploads/2022/08/cve-min-1-P06m6R-1024x683.png)