PUB-A-255304665
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-255304665.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-255304665
- Aliases
-
- A-255304665
- CVE-2023-20972
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In btmvendorspecificevt of btmdevctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293"
],
"spl": "2023-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293",
"target": {
"function": "btm_vendor_specific_evt",
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "2477471006985661260117548069887641882",
"length": 1219.0
},
"signature_type": "Function",
"id": "PUB-A-255304665-03c76933"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293",
"target": {
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"83648431535650780160867742783156024480",
"46779946339216737515961371751147359653",
"18752286288403103004267859853284941181",
"149891708636086322423770133438791907006",
"293022643982786686610171976003110304652",
"313659330538134013444504814429505597621",
"40631320006464154610674076700349714047",
"214548071856105607243922551709932897868",
"164643282726125086888752020115932010693",
"275338447504613898984924848348110629410",
"313750415713891991612973068648816949083",
"274338805120404352925719698537995244981",
"174948857539745247927746166797967794962",
"252807075125489656040283541018715645854",
"275254542209901769514623782719463807480",
"277899969821501159901327952485799037940"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-255304665-5ecbf49f"
}
],
"types": [
"ID"
]
}
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293"
],
"spl": "2023-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293",
"target": {
"function": "btm_vendor_specific_evt",
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "2477471006985661260117548069887641882",
"length": 1219.0
},
"signature_type": "Function",
"id": "PUB-A-255304665-145932e4"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/9c12298ca6758558558642ee0bd0416b84b7b293",
"target": {
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"83648431535650780160867742783156024480",
"46779946339216737515961371751147359653",
"18752286288403103004267859853284941181",
"149891708636086322423770133438791907006",
"293022643982786686610171976003110304652",
"313659330538134013444504814429505597621",
"40631320006464154610674076700349714047",
"214548071856105607243922551709932897868",
"164643282726125086888752020115932010693",
"275338447504613898984924848348110629410",
"313750415713891991612973068648816949083",
"274338805120404352925719698537995244981",
"174948857539745247927746166797967794962",
"252807075125489656040283541018715645854",
"275254542209901769514623782719463807480",
"277899969821501159901327952485799037940"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-255304665-d3fadb2f"
}
],
"types": [
"ID"
]
}