PUB-A-260568245
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-260568245.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-260568245
- Aliases
-
- A-260568245
- CVE-2023-20973
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In btmcreateconncancelcomplete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"243810112839180409435536355694423571750",
"299477295124079003834922366589101402116",
"339253293684361323314945020031679424632",
"54769990116822821649320993360989620174"
]
},
"id": "PUB-A-260568245-2bef92fd",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"file": "system/test/mock/mock_stack_btm_sec.cc"
}
},
{
"digest": {
"length": 874.0,
"function_hash": "106454785807906912090733509797690038970"
},
"id": "PUB-A-260568245-35d974d9",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"function": "btm_create_conn_cancel_complete",
"file": "system/stack/btm/btm_sec.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"126433689896836701219873939732705828142",
"256479069655869836042509465085661530171",
"310573522880277217729692544786171514031",
"159482563108846739062825189817177703150"
]
},
"id": "PUB-A-260568245-3c158b68",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"file": "system/stack/btm/btm_sec.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"168076959922953635491048177836613499317",
"177925020078317190151119010659761170747",
"261998629566884442232723766392663832515",
"73142110452835336792606638363977633765"
]
},
"id": "PUB-A-260568245-93398361",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"file": "system/stack/include/sec_hci_link_interface.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"203227775105952582663999295386510304721",
"28554358831473830551561127673212847872",
"245708939831301847045955566643293648516",
"163741528422316185972359435657757944184"
]
},
"id": "PUB-A-260568245-b9b52456",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
}
},
{
"digest": {
"length": 2146.0,
"function_hash": "231077236101929660369564077957019062208"
},
"id": "PUB-A-260568245-db9d8307",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49104961985698033766274605397557173818",
"99371367906560930911575963695038048576",
"224816853246989930754069618456001755931",
"192753990597435299819657294873319913424",
"61134942078643564912732089505676903749"
]
},
"id": "PUB-A-260568245-e9336316",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1",
"target": {
"file": "system/stack/btm/btm_sec.cc"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5d323752b7600fcb6c5126f8f1d6ce69b86430c1"
],
"types": [
"ID"
],
"spl": "2023-06-01",
"severity": "Moderate"
}
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"vanir_signatures": [
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"126433689896836701219873939732705828142",
"256479069655869836042509465085661530171",
"310573522880277217729692544786171514031",
"159482563108846739062825189817177703150"
]
},
"id": "PUB-A-260568245-0421fe5d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"file": "system/stack/btm/btm_sec.h"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"4569009688765277360812131822273449724",
"28554358831473830551561127673212847872",
"245708939831301847045955566643293648516",
"158498375014697082575363767697377430124"
]
},
"id": "PUB-A-260568245-0657b5e8",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
}
},
{
"digest": {
"length": 1979.0,
"function_hash": "235604982423465775564157247840940631481"
},
"id": "PUB-A-260568245-1fcc205b",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"168076959922953635491048177836613499317",
"177925020078317190151119010659761170747",
"261998629566884442232723766392663832515",
"73142110452835336792606638363977633765"
]
},
"id": "PUB-A-260568245-5776ba22",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"file": "system/stack/include/sec_hci_link_interface.h"
}
},
{
"digest": {
"length": 874.0,
"function_hash": "106454785807906912090733509797690038970"
},
"id": "PUB-A-260568245-6d261a5a",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"function": "btm_create_conn_cancel_complete",
"file": "system/stack/btm/btm_sec.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"49104961985698033766274605397557173818",
"99371367906560930911575963695038048576",
"224816853246989930754069618456001755931",
"192753990597435299819657294873319913424",
"61134942078643564912732089505676903749"
]
},
"id": "PUB-A-260568245-7b34a4e0",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"file": "system/stack/btm/btm_sec.cc"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"243810112839180409435536355694423571750",
"299477295124079003834922366589101402116",
"339253293684361323314945020031679424632",
"54769990116822821649320993360989620174"
]
},
"id": "PUB-A-260568245-9510fd95",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a",
"target": {
"file": "system/test/mock/mock_stack_btm_sec.cc"
}
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/adf06fb67b0714c6349f4e61d258642bbd7ad74a"
],
"types": [
"ID"
],
"spl": "2023-06-01",
"severity": "Moderate"
}