ASB-A-271962784
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-271962784.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-271962784
- Aliases
-
- A-271962784
- CVE-2024-49714
- Published
- 2025-09-01T00:00:00Z
- Modified
- 2025-11-05T16:30:26.460762Z
- Summary
- [none]
- Details
-
In avrcvendormsg of avrc_opt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/packages/modules/Bluetooth
Package
- Name
- platform/packages/modules/Bluetooth
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2025-09-01",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"function_hash": "161964072447301556907021949801306052708",
"length": 813.0
},
"target": {
"function": "avrc_vendor_msg",
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-019302b8",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"line_hashes": [
"233173819388143007683002944958412463167",
"281597275017415760895749258884319544714",
"222957863068205357447326730381878078511",
"250779556980860033012007924240257078315",
"321543060838153475417302785315600971957"
],
"threshold": 0.9
},
"target": {
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-d308274d",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf"
]
}platform/packages/modules/Bluetooth
Package
- Name
- platform/packages/modules/Bluetooth
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2025-09-01",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"function_hash": "161964072447301556907021949801306052708",
"length": 813.0
},
"target": {
"function": "avrc_vendor_msg",
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-ae038f9f",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"line_hashes": [
"233173819388143007683002944958412463167",
"281597275017415760895749258884319544714",
"222957863068205357447326730381878078511",
"250779556980860033012007924240257078315",
"321543060838153475417302785315600971957"
],
"threshold": 0.9
},
"target": {
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-b403dfc1",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf"
]
}platform/packages/modules/Bluetooth
Package
- Name
- platform/packages/modules/Bluetooth
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2025-09-01",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"function_hash": "161964072447301556907021949801306052708",
"length": 813.0
},
"target": {
"function": "avrc_vendor_msg",
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-44b032d0",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf",
"digest": {
"line_hashes": [
"233173819388143007683002944958412463167",
"281597275017415760895749258884319544714",
"222957863068205357447326730381878078511",
"250779556980860033012007924240257078315",
"321543060838153475417302785315600971957"
],
"threshold": 0.9
},
"target": {
"file": "system/stack/avrc/avrc_opt.cc"
},
"id": "ASB-A-271962784-cea561e7",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d5de235b461ec83e43a7db513e286d3204c4cedf"
]
}