ASB-A-275340684

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-275340684.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-275340684
Aliases
Published
2023-12-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In CreateAudioBroadcast of broadcaster.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name
platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14-next:0
Fixed
14-next:2023-12-01

Affected versions

Other
14-next

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "142684289885384697536288631086263826842",
                    "16406206357247479788666354731309863657",
                    "286905061467636589645434065539620543548",
                    "100785283712054938349270543023197146987",
                    "43855841289177912729581738001999468354",
                    "16406206357247479788666354731309863657",
                    "13976835086402222212545783096397724990",
                    "284047784408702917118367082191050182332"
                ]
            },
            "id": "ASB-A-275340684-8690136a",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5f9059acdfed500ea5ff4b159795280d5fa2ecbf",
            "target": {
                "file": "system/bta/le_audio/broadcaster/broadcaster.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5f9059acdfed500ea5ff4b159795280d5fa2ecbf"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2023-12-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-275340684.json"

Android / platform/packages/modules/Bluetooth

Package

Name
platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2023-12-01

Affected versions

Other
14

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "142684289885384697536288631086263826842",
                    "16406206357247479788666354731309863657",
                    "286905061467636589645434065539620543548",
                    "100785283712054938349270543023197146987",
                    "43855841289177912729581738001999468354",
                    "16406206357247479788666354731309863657",
                    "13976835086402222212545783096397724990",
                    "284047784408702917118367082191050182332"
                ]
            },
            "id": "ASB-A-275340684-898735a2",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5f9059acdfed500ea5ff4b159795280d5fa2ecbf",
            "target": {
                "file": "system/bta/le_audio/broadcaster/broadcaster.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5f9059acdfed500ea5ff4b159795280d5fa2ecbf"
    ],
    "types": [
        "EoP"
    ],
    "spl": "2023-12-01",
    "severity": "High"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/ASB-A-275340684.json"