In btm_acl_encrypt_change of btm_acl.cc, there is a possible way for a remote device to turn off encryption without resulting in a terminated connection due to an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
{ "vanir_signatures": [ { "match_only_versions": [ "13-next" ], "digest": { "threshold": 0.9, "line_hashes": [ "241032498162732168686061127771743415680", "62624935660486018377174287721292672681", "4014527410623786816410966539760505244", "57592825137004076501030716370016162946", "52690535422915533867537736217217248989", "170954045258885978977664806581018799305", "183413448801447165731366794327360103872" ] }, "id": "PUB-A-251436534-e875d98a", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/1ee290b87b23c30d4389c2de283e01f72b2db17a", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/acl/btm_acl.cc" }, "signature_type": "Line" }, { "match_only_versions": [ "13-next" ], "digest": { "length": 1011.0, "function_hash": "277956072962540203230142099701362386203" }, "id": "PUB-A-251436534-f7f60429", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/1ee290b87b23c30d4389c2de283e01f72b2db17a", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/acl/btm_acl.cc", "function": "btm_acl_encrypt_change" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/1ee290b87b23c30d4389c2de283e01f72b2db17a" ], "spl": "2023-06-01", "severity": "Moderate", "types": [ "ID" ] }