PUB-A-260568083

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-260568083.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-260568083

Aliases

A-260568083
CVE-2023-20982

Published

2023-06-01T00:00:00Z

Modified

2026-04-17T15:55:28.020024Z

Summary

[none]

Details

In btmreadtxpowercomplete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "severity": "Moderate",
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc"
    ],
    "spl": "2023-06-01",
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "file": "system/test/mock/mock_stack_acl.h"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "91120072370369716380662468663457112667",
                    "77937990068245879393772032804213536071",
                    "142581786962957731293880475873576375097",
                    "200206279142117472060591129939830419704",
                    "304489538477729054764584491970279696015",
                    "225248717060436010541024803209824718240"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-260568083-0a82bf20"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "function": "btu_hcif_hdl_command_complete",
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "39187288829026860062883506468655333628",
                "length": 2106.0
            },
            "signature_type": "Function",
            "id": "PUB-A-260568083-0b485f0e"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "file": "system/test/mock/mock_stack_acl.cc"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "76386474996276944385163994246957050639",
                    "36179256225666153528822166601729259268",
                    "336572677563697181726149773283537662324",
                    "93030908562272971049947591247036631963",
                    "246101567535068372341164781972363427991",
                    "45832400307608904940824158394310858607"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-260568083-35941271"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "239779228496455769345821843630810310671",
                    "288939521428638511623241044379083843906",
                    "178536622760574816814660812904341779678",
                    "4569009688765277360812131822273449724",
                    "289213502808409074465843520373705198312",
                    "95949308781396210589302282023416154093",
                    "123872142083599226303038409137915708425",
                    "21369581572518947376539960550339099673"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-260568083-6b61ad90"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "file": "system/stack/include/acl_hci_link_interface.h"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "316513638423377416554260539375016933022",
                    "292461599464892148440602104708798340378",
                    "209791031375700219343850248782084792329",
                    "181215925179627580178849465680489250955"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-260568083-774d94dd"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "function": "btm_read_tx_power_complete",
                "file": "system/stack/acl/btm_acl.cc"
            },
            "deprecated": false,
            "digest": {
                "function_hash": "311972640158743252108264279057693540931",
                "length": 885.0
            },
            "signature_type": "Function",
            "id": "PUB-A-260568083-833c0b8e"
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/e65885186e94bd295e8ed8ea783b5a49ffb3d5bc",
            "target": {
                "file": "system/stack/acl/btm_acl.cc"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "172867093954647776158946197579493899519",
                    "240729915970230787589762695686495803689",
                    "77259156352196733667084202030760038120",
                    "231656241151367147324337439780055479640",
                    "244583451476393233776542801946500163549",
                    "43402332158041781494086019038426287569",
                    "61894179056215923795712736384442744862",
                    "55058235004090176245672469547280876294",
                    "323668999929901887422985873082177547503",
                    "330059997140656717635241641384332050922",
                    "168180346481135005923280107589610304442",
                    "225022284774947069501991909951928767108",
                    "289233425032350894526494923978077571166",
                    "233732557165032028009601998703812954024",
                    "298567874855384446465324033118563722298",
                    "318337894986029413887727702410244297238",
                    "46711727194567930028805879782966910552",
                    "139073922511987929229117775904002790924",
                    "60597122513202571174437564586978773904",
                    "39467869309276482644177773981423014848"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-260568083-b37d76f4"
        }
    ],
    "types": [
        "ID"
    ]
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-260568083.json"