PUB-A-254445961

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-254445961.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-254445961

Aliases

A-254445961
CVE-2023-21199

Published

2023-06-01T00:00:00Z

Modified

2025-11-18T16:17:57.446691Z

Summary

[none]

Details

In btubleprocltkreq of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "severity": "Moderate",
    "vanir_signatures": [
        {
            "digest": {
                "length": 178.0,
                "function_hash": "16798783374027649390924088481954397025"
            },
            "target": {
                "function": "btu_ble_proc_ltk_req",
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/47cd3886c89138bb2de237e634c64d43a65408df",
            "id": "PUB-A-254445961-6604ce50",
            "signature_type": "Function"
        },
        {
            "digest": {
                "length": 4858.0,
                "function_hash": "121032340395118351048104805696206638258"
            },
            "target": {
                "function": "btu_hcif_process_event",
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/47cd3886c89138bb2de237e634c64d43a65408df",
            "id": "PUB-A-254445961-c1e915b8",
            "signature_type": "Function"
        },
        {
            "digest": {
                "line_hashes": [
                    "120526818870592079511446038379599419139",
                    "247788363735877317492870273049275417386",
                    "200524781882001211848731753649556762663",
                    "67197072511179158624227833662691877381",
                    "243582895289472071154733820146401512678",
                    "300957555434471442382439564930068526347",
                    "218102751831207072837103522413269025164",
                    "128409333108039728423972662664844690397",
                    "273463484305711229073194788669961469845",
                    "220170635470911562743011761929869734586",
                    "45678469202134914128930537096516061788",
                    "14813399178371133576513754082925666734",
                    "12801990629679320064526008507160949430",
                    "299162396192643926634009006467643212504"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "signature_version": "v1",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/47cd3886c89138bb2de237e634c64d43a65408df",
            "id": "PUB-A-254445961-d0446bb1",
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/47cd3886c89138bb2de237e634c64d43a65408df"
    ],
    "spl": "2023-06-01"
}