In sdpu_find_most_specific_service_uuid of sdp_utils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 1068.0, "function_hash": "238553091056856029825788990913744794482" }, "id": "PUB-A-227203684-401e6b3b", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0f98ddca48c98e78ba2720ab25c43d02c87a5027", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/sdp/sdp_utils.cc", "function": "sdpu_find_most_specific_service_uuid" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "160116732034253777826207962760279679938", "18908339239817071240172786701048238448", "297454108314900748288197999731715647218", "75244885949787698298913282795963398807", "321621315134737476890260724131816370360", "20965748284632994148210757705938643173", "164467874120547922754436432331549304198", "296892172092946899309059415897789938893", "135290251693880790664240529785615635191" ] }, "id": "PUB-A-227203684-a951188c", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0f98ddca48c98e78ba2720ab25c43d02c87a5027", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/sdp/sdp_utils.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0f98ddca48c98e78ba2720ab25c43d02c87a5027" ], "spl": "2022-12-01", "severity": "Moderate", "types": [ "DoS" ] }