In smpprocsecreq of smpact.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18" ], "vanir_signatures": [ { "id": "ASB-A-300903400-24c830f9", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18", "digest": { "function_hash": "318216611240446292738758200872593789098", "length": 1057.0 }, "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_proc_sec_req" }, "deprecated": false, "signature_type": "Function" }, { "id": "ASB-A-300903400-d89584bd", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18", "digest": { "line_hashes": [ "68935296598475382429362722327325645352", "324763877670166220684932851905200955893", "55483643642204500388893954441248006011", "258959201356652833291423250563927550339" ], "threshold": 0.9 }, "target": { "file": "system/stack/smp/smp_act.cc" }, "deprecated": false, "signature_type": "Line" } ], "spl": "2024-03-01", "severity": "High", "types": [ "ID" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91" ], "vanir_signatures": [ { "id": "ASB-A-300903400-30a98fd7", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91", "digest": { "line_hashes": [ "68935296598475382429362722327325645352", "324763877670166220684932851905200955893", "55483643642204500388893954441248006011", "258959201356652833291423250563927550339" ], "threshold": 0.9 }, "target": { "file": "system/stack/smp/smp_act.cc" }, "deprecated": false, "signature_type": "Line" }, { "id": "ASB-A-300903400-76e4bf8b", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91", "digest": { "function_hash": "222252477408246620080554891409417581317", "length": 1052.0 }, "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_proc_sec_req" }, "deprecated": false, "signature_type": "Function" } ], "spl": "2024-03-01", "severity": "High", "types": [ "ID" ] }
{ "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91" ], "vanir_signatures": [ { "id": "ASB-A-300903400-8ce7c1c8", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91", "digest": { "function_hash": "222252477408246620080554891409417581317", "length": 1052.0 }, "target": { "file": "system/stack/smp/smp_act.cc", "function": "smp_proc_sec_req" }, "deprecated": false, "signature_type": "Function" }, { "id": "ASB-A-300903400-cf76f0fc", "signature_version": "v1", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91", "digest": { "line_hashes": [ "68935296598475382429362722327325645352", "324763877670166220684932851905200955893", "55483643642204500388893954441248006011", "258959201356652833291423250563927550339" ], "threshold": 0.9 }, "target": { "file": "system/stack/smp/smp_act.cc" }, "deprecated": false, "signature_type": "Line" } ], "spl": "2024-03-01", "severity": "High", "types": [ "ID" ] }