In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 352.0, "function_hash": "321571789285904334492730743639956922213" }, "id": "ASB-A-251514170-3fbe783e", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eaa367379e0f08d5ab3167ac49136343e0c87e52", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_proc_rand" }, "signature_type": "Function" }, { "digest": { "length": 155.0, "function_hash": "310836050937169455387554377117328168799" }, "id": "ASB-A-251514170-a2866d9a", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eaa367379e0f08d5ab3167ac49136343e0c87e52", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_send_confirm" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "76016990345088518128060597595811943963", "302590340112657390498622356868910682549", "223964831944845757341067812058928167970", "199893950464949796952010713464199678017", "63269745553648631491921231036164254688", "133178774613934554449228570743171422198", "235887221604097201012289294919459199777" ] }, "id": "ASB-A-251514170-f93c8a46", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eaa367379e0f08d5ab3167ac49136343e0c87e52", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/eaa367379e0f08d5ab3167ac49136343e0c87e52" ], "spl": "2025-01-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "length": 125.0, "function_hash": "74918214093950259196396537407830598564" }, "id": "ASB-A-251514170-c980456e", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_send_confirm" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "284655167967645119513794050319058262760", "35807173110219351575438918942900306764", "269924315002217808095667220357498707577", "321499543104801346490054998121629800662", "63269745553648631491921231036164254688", "133178774613934554449228570743171422198", "244876469753238988165122585518203483916" ] }, "id": "ASB-A-251514170-de456c9d", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97" ], "spl": "2025-01-01", "severity": "High", "types": [ "EoP" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "284655167967645119513794050319058262760", "35807173110219351575438918942900306764", "269924315002217808095667220357498707577", "321499543104801346490054998121629800662", "63269745553648631491921231036164254688", "133178774613934554449228570743171422198", "244876469753238988165122585518203483916" ] }, "id": "ASB-A-251514170-173410c4", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc" }, "signature_type": "Line" }, { "digest": { "length": 125.0, "function_hash": "74918214093950259196396537407830598564" }, "id": "ASB-A-251514170-a86bebf3", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_send_confirm" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/25a3fcd487c799d5d9029b8646159a0b10143d97" ], "spl": "2025-01-01", "severity": "High", "types": [ "EoP" ] }