GrapheneOS · Sec0xEd · Dec 18, 2025
diff --git a/src/com/android/messaging/datamodel/action/ActionServiceImpl.java b/src/com/android/messaging/datamodel/action/ActionServiceImpl.java
@@ -201,8 +201,11 @@ public static PendingIntent makeStartActionPendingIntent(final Context context,
         if (launchesAnActivity) {
             intent.addFlags(Intent.FLAG_RECEIVER_FOREGROUND);
         }
+        // Use FLAG_IMMUTABLE since this PendingIntent doesn't require modification.
+        // This prevents potential PendingIntent hijacking attacks.
+        // Reference: https://developer.android.com/reference/android/app/PendingIntent#FLAG_IMMUTABLE
         return PendingIntent.getBroadcast(context, requestCode, intent,
-                PendingIntent.FLAG_UPDATE_CURRENT);
+                PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE);
     }
 
     /**

diff --git a/src/com/android/messaging/ui/UIIntentsImpl.java b/src/com/android/messaging/ui/UIIntentsImpl.java
@@ -483,8 +483,10 @@ public PendingIntent getPendingIntentForLowStorageNotifications(final Context co
         taskStackBuilder.addNextIntentWithParentStack(
                 getSmsStorageLowWarningActivityIntent(context));
 
+        // Use FLAG_IMMUTABLE since this PendingIntent launches a fixed activity
+        // and doesn't require modification by external apps.
         return taskStackBuilder.getPendingIntent(
-                0, PendingIntent.FLAG_UPDATE_CURRENT);
+                0, PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_IMMUTABLE);
     }
 
     @Override