In read_attr_value of gatt_db.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"vanir_signatures": [
{
"digest": {
"length": 2001.0,
"function_hash": "237028429680686170678538706192668025085"
},
"id": "ASB-A-228078096-c64731be",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301",
"target": {
"function": "read_attr_value",
"file": "stack/gatt/gatt_db.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"271746948007969399780649439146152314031",
"299042952866365987543762007777832047713",
"318243900175279289348924400889235391181",
"289412709252196214277184826095030737563",
"17781346145243886110576082688024869423",
"56659749081856240233204289263814143202",
"88485116540816326733942640167814252172"
]
},
"id": "ASB-A-228078096-d2bc01b5",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301",
"target": {
"file": "stack/gatt/gatt_db.cc"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301"
],
"types": [
"RCE"
],
"spl": "2022-07-01",
"severity": "Critical"
}
{
"vanir_signatures": [
{
"digest": {
"length": 2001.0,
"function_hash": "237028429680686170678538706192668025085"
},
"id": "ASB-A-228078096-40d78136",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301",
"target": {
"function": "read_attr_value",
"file": "stack/gatt/gatt_db.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"271746948007969399780649439146152314031",
"299042952866365987543762007777832047713",
"318243900175279289348924400889235391181",
"289412709252196214277184826095030737563",
"17781346145243886110576082688024869423",
"56659749081856240233204289263814143202",
"88485116540816326733942640167814252172"
]
},
"id": "ASB-A-228078096-478465d2",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301",
"target": {
"file": "stack/gatt/gatt_db.cc"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/system/bt/+/6c01b49e627cd1dd29fe656d9cd5eb01205c8301"
],
"types": [
"RCE"
],
"spl": "2022-07-01",
"severity": "Critical"
}