In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to a weakness in the Bluetooth standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/system/bt/+/21df1076a4b9c1d1bbe3f5ecb475fe0b7c1b8c2a"
],
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/21df1076a4b9c1d1bbe3f5ecb475fe0b7c1b8c2a",
"target": {
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"155913144021378683436155797221628687420",
"171637098634629174589416245080161450766",
"155717385054888379048271655893029346988",
"46643993917118570152881840902373659619",
"7154684571415361070313675271200547726",
"64196000651627500630870698709013979691",
"237515720733202254667559770393489400365",
"299898572284227807643383709872175108567",
"312292796004805039980542919484067449510",
"105922491511705293652491594246266023139",
"300839439507607119005412988824370853381",
"321893301638270271118140534282829262887",
"309485616464083531898752752851898369381"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-231161832-4a8dabc8"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/21df1076a4b9c1d1bbe3f5ecb475fe0b7c1b8c2a",
"target": {
"function": "btif_dm_auth_cmpl_evt",
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"function_hash": "339222158557441203393941650598524772152",
"length": 4354.0
},
"signature_type": "Function",
"id": "ASB-A-231161832-ef2ec400"
}
],
"types": [
"EoP"
]
}
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/system/bt/+/d9a9f9aaecd5bc46827b40db5a2e5745056440fd"
],
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/d9a9f9aaecd5bc46827b40db5a2e5745056440fd",
"target": {
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"281038502249986630575748519143314696849",
"72197688718750751391239254819225338042",
"338918488766901507058381519227265327981",
"20759972281627573174124764572275216719",
"311418104710480438400218884651805836658",
"7154684571415361070313675271200547726",
"35847011711488605409754092891423926885",
"35876981577700395519483766362007945250",
"74793239645793207235314766573288209278",
"89942994437809222703622311834297087568",
"180115128368971591478332975000459982295",
"201715510797139776704144394770091320084",
"139085585212593830798429066256726099793",
"97662045186069946370174839789910839851",
"279796299712718262204248636763671731527",
"233433545915128667687598604890310512647"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-231161832-43cc56b5"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/d9a9f9aaecd5bc46827b40db5a2e5745056440fd",
"target": {
"function": "btif_dm_auth_cmpl_evt",
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"function_hash": "73689322892524819627989823368260004637",
"length": 4537.0
},
"signature_type": "Function",
"id": "ASB-A-231161832-c944f133"
}
],
"types": [
"EoP"
]
}
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/system/bt/+/b0d24fcd940993c518f92b0ee4df5742b95dcfc4"
],
"spl": "2022-08-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/b0d24fcd940993c518f92b0ee4df5742b95dcfc4",
"target": {
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"222836440643992615353875424033600584071",
"232618286195615997000739277470485005742",
"213456899501931352574478292603151719957",
"231244916165462127494072958874732629115",
"186279845419743164384933534640996078815",
"11467096402748902967664410109067256570",
"1690482776887522843859492503434578577",
"11648869612130042197703327793807419762",
"82274207637916328501549683180612018960",
"7154684571415361070313675271200547726",
"159196903491874675396552078808025489266",
"296851379831879485199039643506728385480",
"52176092958150272323088281254917330906",
"218381473694905084969775577694333507656",
"180993196266607633012710558205714375435",
"30984294342602684712967291352240254310",
"125461633491760122188030886933493096655",
"144678437641515801717708615157457148359",
"267238091813756161768399101085681583674",
"212380816164120271258999546627855341624",
"218381473694905084969775577694333507656",
"312440967877922871926599967687015713453",
"313673972089025565756260425137054106040",
"23639857049730241874146425438170274714"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-231161832-27d61c0a"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/system/bt/+/b0d24fcd940993c518f92b0ee4df5742b95dcfc4",
"target": {
"function": "btif_dm_auth_cmpl_evt",
"file": "btif/src/btif_dm.cc"
},
"deprecated": false,
"digest": {
"function_hash": "170726132245754375231028467631209869703",
"length": 4954.0
},
"signature_type": "Function",
"id": "ASB-A-231161832-6715e9bc"
}
],
"types": [
"EoP"
]
}