In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve keystroke injection due to improper input validation. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
{
"spl": "2024-03-01",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9402b43e919b3706d33a4534e13468b95896b5c5"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 232.0,
"function_hash": "333735336583064087039902703448593069282"
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9402b43e919b3706d33a4534e13468b95896b5c5",
"target": {
"function": "access_secure_service_from_temp_bond",
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-3ca3c81e"
},
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"73020516892836227850873902746339412076",
"225516260501769301590541943710397904252",
"105654584775185336510310529998476958019",
"325063771327590450643352016418496974272"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9402b43e919b3706d33a4534e13468b95896b5c5",
"target": {
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-c8a82fef"
}
],
"severity": "Critical"
}{
"spl": "2024-03-01",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"231790709002883891973800308045898413132",
"295905668830846017767970564492123207739",
"295610151115085055824572039453931712567",
"17400750266784036359344154410214078877",
"227633893623229621582798433050040704196"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc",
"target": {
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-88fe4656"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 212.0,
"function_hash": "115920379014818069597213206974632673599"
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc",
"target": {
"function": "access_secure_service_from_temp_bond",
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-9eb84a84"
}
],
"severity": "Critical"
}{
"spl": "2024-03-01",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc"
],
"types": [
"EoP"
],
"vanir_signatures": [
{
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"digest": {
"line_hashes": [
"231790709002883891973800308045898413132",
"295905668830846017767970564492123207739",
"295610151115085055824572039453931712567",
"17400750266784036359344154410214078877",
"227633893623229621582798433050040704196"
],
"threshold": 0.9
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc",
"target": {
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-6f9c3a80"
},
{
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"digest": {
"length": 212.0,
"function_hash": "115920379014818069597213206974632673599"
},
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/62944f39f502b28687a5142ec2d77585525591bc",
"target": {
"function": "access_secure_service_from_temp_bond",
"file": "system/stack/btm/btm_sec.cc"
},
"id": "ASB-A-318374503-8054a4a2"
}
],
"severity": "Critical"
}