PUB-A-256165737

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-256165737.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-256165737
Aliases
Published
2023-06-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In btublercparamreqevt of btuhcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-06-01

Affected versions

Other
13-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 4792.0,
                "function_hash": "336582734661748564958037119141585034711"
            },
            "id": "PUB-A-256165737-39ad2d40",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "target": {
                "function": "btu_hcif_process_event",
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122445623140582117476716815864619406966",
                    "270237901051771015591452979276819797519",
                    "301973965513952811863754946145588730064",
                    "18063600987660727020396096173085053061",
                    "79157904431448262747082275857495241374",
                    "35387678221282559177479552950988699557",
                    "329015732910744385759688024268818136589",
                    "45449181739673993241176699503569153431",
                    "181624077784582716377852058212826525708",
                    "213992691007000150893341665815023272341",
                    "65194841672755231150424500980152141629",
                    "211238691417689538152163424776491854796",
                    "262108294216214657050525185873324354416",
                    "267083727085991318796826883174902489202"
                ]
            },
            "id": "PUB-A-256165737-b093188c",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "length": 263.0,
                "function_hash": "176204503959658893950115173833424090215"
            },
            "id": "PUB-A-256165737-b8b92809",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a",
            "target": {
                "function": "btu_ble_rc_param_req_evt",
                "file": "system/stack/btu/btu_hcif.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a"
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate"
}

Database specific

source
"https://storage.googleapis.com/android-osv/PUB-A-256165737.json"

Android / platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-06-01

Affected versions

Other
13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "122445623140582117476716815864619406966",
                    "270237901051771015591452979276819797519",
                    "301973965513952811863754946145588730064",
                    "18063600987660727020396096173085053061",
                    "79157904431448262747082275857495241374",
                    "35387678221282559177479552950988699557",
                    "329015732910744385759688024268818136589",
                    "45449181739673993241176699503569153431",
                    "181624077784582716377852058212826525708",
                    "213992691007000150893341665815023272341",
                    "65194841672755231150424500980152141629",
                    "211238691417689538152163424776491854796",
                    "262108294216214657050525185873324354416",
                    "267083727085991318796826883174902489202"
                ]
            },
            "id": "PUB-A-256165737-679b28ff",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "length": 4846.0,
                "function_hash": "232227972830537180929657144775355121285"
            },
            "id": "PUB-A-256165737-7715a119",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f",
            "target": {
                "function": "btu_hcif_process_event",
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "length": 263.0,
                "function_hash": "176204503959658893950115173833424090215"
            },
            "id": "PUB-A-256165737-a596a194",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f",
            "target": {
                "function": "btu_ble_rc_param_req_evt",
                "file": "system/stack/btu/btu_hcif.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f"
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate"
}

Database specific

source
"https://storage.googleapis.com/android-osv/PUB-A-256165737.json"