PUB-A-256165737

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-256165737.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-256165737

Aliases

A-256165737
CVE-2023-20981

Published

2023-06-01T00:00:00Z

Modified

2024-11-06T12:16:03.231308Z

Summary

[none]

Details

In btublercparamreqevt of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 4792.0,
                "function_hash": "336582734661748564958037119141585034711"
            },
            "id": "PUB-A-256165737-39ad2d40",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc",
                "function": "btu_hcif_process_event"
            },
            "signature_type": "Function"
        },
        {
            "match_only_versions": [
                "13-next"
            ],
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122445623140582117476716815864619406966",
                    "270237901051771015591452979276819797519",
                    "301973965513952811863754946145588730064",
                    "18063600987660727020396096173085053061",
                    "79157904431448262747082275857495241374",
                    "35387678221282559177479552950988699557",
                    "329015732910744385759688024268818136589",
                    "45449181739673993241176699503569153431",
                    "181624077784582716377852058212826525708",
                    "213992691007000150893341665815023272341",
                    "65194841672755231150424500980152141629",
                    "211238691417689538152163424776491854796",
                    "262108294216214657050525185873324354416",
                    "267083727085991318796826883174902489202"
                ]
            },
            "id": "PUB-A-256165737-b093188c",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "signature_type": "Line"
        },
        {
            "match_only_versions": [
                "13-next"
            ],
            "digest": {
                "length": 263.0,
                "function_hash": "176204503959658893950115173833424090215"
            },
            "id": "PUB-A-256165737-b8b92809",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc",
                "function": "btu_ble_rc_param_req_evt"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate",
    "types": [
        "ID"
    ]
}