ASB-A-186803518

See a problem?

Import Source

https://storage.googleapis.com/android-osv/ASB-A-186803518.json

JSON Data

https://api.osv.dev/v1/vulns/ASB-A-186803518

Aliases

A-186803518
CVE-2023-20952

Published

2023-03-01T00:00:00Z

Modified

2026-03-09T15:09:45.114269Z

Summary

[none]

Details

In A2DPBuildCodecHeaderSbc of a2dpsbc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android

platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-03-01

Affected versions

Other

13-next

Ecosystem specific

{
    "severity": "High",
    "spl": "2023-03-01",
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eb53b8cbf548873bea30cf0ac6a753d679be4511",
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/46dc2f111709cea06e41ae2943be3b8183281bdd",
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/cd5a404fa5c0b073de027f06c227ffa53773fd7d"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-186803518-410c9498",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "249467105770412828602936980127046494444",
                    "51269215473166754889499891976278170469",
                    "128257971113454018681435094771519547281",
                    "147510532338844957757740389563405766239"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "system/stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/cd5a404fa5c0b073de027f06c227ffa53773fd7d",
            "signature_version": "v1",
            "deprecated": false
        },
        {
            "id": "ASB-A-186803518-61d9c701",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "296556147406330627874925836528608605248",
                    "245430012615150207290794498376612315317",
                    "65955188663457735581715967752580334423"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "system/stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eb53b8cbf548873bea30cf0ac6a753d679be4511",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-186803518.json"

platform/system/bt

Package

Name: platform/system/bt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

11:0

Fixed

11:2023-03-01

Affected versions

Other

Ecosystem specific

{
    "severity": "High",
    "spl": "2023-03-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-186803518-e1e4d0e2",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "174637781470851331325020498513394251697",
                    "228587247365173046208711015258126312277",
                    "105881286815907948529534873857928629637"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-186803518.json"

platform/system/bt

Package

Name: platform/system/bt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12:0

Fixed

12:2023-03-01

Affected versions

Other

Ecosystem specific

{
    "severity": "High",
    "spl": "2023-03-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-186803518-95c4cb97",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "174637781470851331325020498513394251697",
                    "228587247365173046208711015258126312277",
                    "105881286815907948529534873857928629637"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-186803518.json"

platform/system/bt

Package

Name: platform/system/bt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

12L:0

Fixed

12L:2023-03-01

Affected versions

Other

12L

Ecosystem specific

{
    "severity": "High",
    "spl": "2023-03-01",
    "fixes": [
        "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-186803518-4f5c51fc",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "174637781470851331325020498513394251697",
                    "228587247365173046208711015258126312277",
                    "105881286815907948529534873857928629637"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/system/bt/+/a710300216be4a86373a65c6a685aeef8509cfa7",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-186803518.json"

platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2023-03-01

Affected versions

Other

Ecosystem specific

{
    "severity": "High",
    "spl": "2023-03-01",
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b0d7d4e82902f15504ef4f2be4524b1913df5afe"
    ],
    "vanir_signatures": [
        {
            "id": "ASB-A-186803518-071cb262",
            "signature_type": "Line",
            "digest": {
                "line_hashes": [
                    "296556147406330627874925836528608605248",
                    "245430012615150207290794498376612315317",
                    "65955188663457735581715967752580334423"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "system/stack/a2dp/a2dp_sbc.cc"
            },
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b0d7d4e82902f15504ef4f2be4524b1913df5afe",
            "signature_version": "v1",
            "deprecated": false
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/ASB-A-186803518.json"