git log --oneline | grep CVE-20xx-xxxx
#### Fix CVE-2024-31319
Decription about CVE:
- CVE Verify URI permission for channel sound update from NotificationListenerService
- Check that a privileged NotificationListenerService (CDM) has the permission to access the sound URI
when updating a notification channel.
Current error analysis:
- Not have URI permission
Solution:
- Add URI permission
find CVE-2024-31319 by use
git log --oneline | grep CVE-2024-31319
result:
9cdc3b62d1f6 [jazz:188709][SPL-06-2024]CVE-2024-31319
use git show 9cdc3b62d1f6 to see apply
and result apply ok of the CVE-2024-31319
so check diff each the special file the newest commit between the commit 9cdc3b62d1f6 by use
git diff 9cdc3b62d1f6 NotificationManagerService.java
and resule see the apply be removed (use special module), so check where commit remove the module by use
git log -S'verifyPrivilegedListenerUriPermission' -- NotificationManagerService.java
and see 2 commit to change that 8247e4b20a2e94339019e3fb2d9060287527e6e3 and 9cdc3b62d1f6612dfc860403bd1e33d53de3e894
use git show the newest commit and see 8247e4b20a2e94339019e3 (remove apply code) and 9cdc3b62d1f6612dfc86 (apply code)
use git revert 8247e4b20a2e94339019e3 to remove the modify
#### Fix CVE-2024-0039