PUB-A-242993878

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-242993878.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-242993878

Aliases

A-242993878
CVE-2023-20984

Published

2023-06-01T00:00:00Z

Modified

2026-01-02T16:15:11.472675Z

Summary

[none]

Details

In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "severity": "Moderate",
    "spl": "2023-06-01",
    "vanir_signatures": [
        {
            "digest": {
                "line_hashes": [
                    "274507125717508761823720715117326337463",
                    "250534526309399787941277159275689486665",
                    "180637340079350059774962475040796197224",
                    "309955202996159853044389784852120825867",
                    "253419954661788520912516021457538315870",
                    "103721111485077619194432808299173774763",
                    "268691132623649112264153132946947280256",
                    "164108290758033392082839805664588404989",
                    "251811334078139069080402612397102920090",
                    "322950099963241760561634733704661803552"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-242993878-09f179d4",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9bd576f4912cb405fddbf3c3dcd72f25ae8bb623",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/btif/src/btif_bqr.cc"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "208981225525070782590343636221078025618",
                    "176309543377281345478870439149057917245",
                    "206620382484551893761465528047549985294",
                    "35550298959744721389766907235211671095"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-242993878-669b36bb",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9bd576f4912cb405fddbf3c3dcd72f25ae8bb623",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/btif/include/btif_bqr.h"
            }
        },
        {
            "digest": {
                "function_hash": "316336693552482996410418077782090412290",
                "length": 2175.0
            },
            "id": "PUB-A-242993878-a82c9a6b",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9bd576f4912cb405fddbf3c3dcd72f25ae8bb623",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "BqrVseSubEvt::ParseBqrLinkQualityEvt",
                "file": "system/btif/src/btif_bqr.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9bd576f4912cb405fddbf3c3dcd72f25ae8bb623"
    ]
}