In sdpucompareuuidwithattr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 435.0, "function_hash": "36124008880444953329645145654613027992" }, "id": "ASB-A-287184435-4d5a857a", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/sdp/sdp_utils.cc", "function": "sdpu_compare_uuid_with_attr" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "139131443945002606912506064455006689017", "253207943261305781236343062435265004432", "250908622023246894622366699106192517526", "335091853755149266420202824179508457061", "308375983938059669047339829356505397501" ] }, "id": "ASB-A-287184435-ff44d061", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/sdp/sdp_utils.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39" ], "spl": "2024-08-01", "severity": "High", "types": [ "ID" ] }