In attpbuildvaluecmd of attprotocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b927f3fb660dafaf97b2fa0398353a8c39125efc" ], "spl": "2024-03-01", "types": [ "RCE" ], "severity": "Critical" }