ASB-A-203431023
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-203431023.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-203431023
- Aliases
-
- A-203431023
- CVE-2022-20126
- Published
- 2022-06-01T00:00:00Z
- Modified
- 2026-04-21T15:25:42.831358Z
- Summary
- [none]
- Details
-
In setScanMode of AdapterService.java, there is a possible way to enable Bluetooth discovery mode without user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
- References
Affected packages
Android
platform/packages/modules/Bluetooth
Package
- Name
- platform/packages/modules/Bluetooth
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"length": 297.0,
"function_hash": "306408796174320226647143357411811607888"
},
"id": "ASB-A-203431023-0564ff75",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e208fcf394b9591a41250de8ee8bdad3bd9af558",
"target": {
"function": "setDiscoverableTimeout",
"file": "android/app/src/com/android/bluetooth/btservice/AdapterService.java"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"184196211465596637036676436981022160986",
"310663038790803474228144224051457634065",
"235200042516890789000893520623616856433",
"74056111292228662419642069507111208323",
"280865106268737356318352464790165724163",
"31751067178526632610812621753358219135",
"121380037984780544106085503251813162023",
"115406219874387320131559651200307225012",
"202006277810136237772203677493381325889",
"184997035097119368774453889288419654155",
"228403452926252819945841653792026404095",
"79357729360616193902807655643700292302",
"53073610528342643939637634752102331140",
"233298843227634921828128355666204684003",
"129041647635244075524337653918275144826",
"201497200635376658514585156517811832238",
"299108017017304219847357040897943149945",
"26336067661531312286298575742099149644",
"216431135408102165191893687207576056864",
"176281420003676838415340115292266963530",
"219325013445161890951510386503674400884",
"231031870505611136751596413830225061327",
"73397768373368757536479802789304542650",
"86297380719523360092289164958136849650",
"96504084766857505299204479415726309676",
"160057590753693384341480522250881637743",
"1133394177015753540700299389162097589",
"252693157415961571234960786732231294635",
"325256900392167122739568556677971918605",
"59383564349327758604786432256412400049",
"97788076907198308619448996106236548653",
"259482035435254778313450921017276894325"
]
},
"id": "ASB-A-203431023-0f43b4af",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e208fcf394b9591a41250de8ee8bdad3bd9af558",
"target": {
"file": "android/app/src/com/android/bluetooth/btservice/AdapterService.java"
}
},
{
"digest": {
"length": 273.0,
"function_hash": "337355188220726876884449145526534949697"
},
"id": "ASB-A-203431023-57193b34",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e208fcf394b9591a41250de8ee8bdad3bd9af558",
"target": {
"function": "getDiscoverableTimeout",
"file": "android/app/src/com/android/bluetooth/btservice/AdapterService.java"
}
},
{
"digest": {
"length": 350.0,
"function_hash": "224398954382340583561811694483425651957"
},
"id": "ASB-A-203431023-da1724b4",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e208fcf394b9591a41250de8ee8bdad3bd9af558",
"target": {
"function": "setScanMode",
"file": "android/app/src/com/android/bluetooth/btservice/AdapterService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e208fcf394b9591a41250de8ee8bdad3bd9af558"
],
"types": [
"EoP"
],
"spl": "2022-06-01",
"severity": "High"
}platform/packages/apps/Bluetooth
Package
- Name
- platform/packages/apps/Bluetooth
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"236829967481794875659806067643400471350",
"221889625477845835155469983470567822437",
"318959092762556263064621329974291824841",
"108872696766585779850438660990602331717"
]
},
"id": "ASB-A-203431023-7888c779",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/95cbb22647ef5e4505f64d97b7dcbfad2a9fb0e0",
"target": {
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
}
},
{
"digest": {
"length": 209.0,
"function_hash": "339203127178591143702063251470082974776"
},
"id": "ASB-A-203431023-a11e83cd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/95cbb22647ef5e4505f64d97b7dcbfad2a9fb0e0",
"target": {
"function": "setScanMode",
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Bluetooth/+/95cbb22647ef5e4505f64d97b7dcbfad2a9fb0e0"
],
"types": [
"EoP"
],
"spl": "2022-06-01",
"severity": "High"
}platform/packages/apps/Bluetooth
Package
- Name
- platform/packages/apps/Bluetooth
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"284189501339935948702336696034543302981",
"20429472355090212643904629645984168325",
"92254625992077032004077375276068304370",
"310656572878670007030099036643950233342"
]
},
"id": "ASB-A-203431023-a5b6da18",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/649612a49791564b43e6f5d41cb4a5ae07d94394",
"target": {
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Bluetooth/+/649612a49791564b43e6f5d41cb4a5ae07d94394"
],
"types": [
"EoP"
],
"spl": "2022-06-01",
"severity": "High"
}platform/packages/apps/Bluetooth
Package
- Name
- platform/packages/apps/Bluetooth
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"115406219874387320131559651200307225012",
"202006277810136237772203677493381325889",
"184997035097119368774453889288419654155"
]
},
"id": "ASB-A-203431023-9bd93427",
"deprecated": false,
"target": {
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
},
"signature_type": "Line",
"match_only_versions": [
"12"
],
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae",
"signature_version": "v1"
},
{
"digest": {
"length": 350.0,
"function_hash": "224398954382340583561811694483425651957"
},
"id": "ASB-A-203431023-aa617f78",
"deprecated": false,
"target": {
"function": "setScanMode",
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
},
"signature_type": "Function",
"match_only_versions": [
"12"
],
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae",
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae"
],
"types": [
"EoP"
],
"spl": "2022-06-01",
"severity": "High"
}platform/packages/apps/Bluetooth
Package
- Name
- platform/packages/apps/Bluetooth
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"115406219874387320131559651200307225012",
"202006277810136237772203677493381325889",
"184997035097119368774453889288419654155"
]
},
"id": "ASB-A-203431023-829ae564",
"deprecated": false,
"target": {
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
},
"signature_type": "Line",
"match_only_versions": [
"12L"
],
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae",
"signature_version": "v1"
},
{
"digest": {
"length": 350.0,
"function_hash": "224398954382340583561811694483425651957"
},
"id": "ASB-A-203431023-ff5778ad",
"deprecated": false,
"target": {
"function": "setScanMode",
"file": "src/com/android/bluetooth/btservice/AdapterService.java"
},
"signature_type": "Function",
"match_only_versions": [
"12L"
],
"source": "https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae",
"signature_version": "v1"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Bluetooth/+/e49e5dc377dd39c523c287b71c0831159e2cc6ae"
],
"types": [
"EoP"
],
"spl": "2022-06-01",
"severity": "High"
}