PUB-A-260568359
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-260568359.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-260568359
- Aliases
-
- A-260568359
- CVE-2023-21202
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2026-04-17T15:55:28.020024Z
- Summary
- [none]
- Details
-
In btmdeletestoredlinkkeycomplete of btmdevctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096"
],
"spl": "2023-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"file": "system/stack/include/dev_hci_link_interface.h"
},
"deprecated": false,
"digest": {
"line_hashes": [
"98965523080780723292383223051741451175",
"238562866666299813260050517692436726190",
"57171793699071419602598603781386282873",
"260570040915377613425087713965400794775"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-611ea43d"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"function": "btm_delete_stored_link_key_complete",
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "55099561426096689871163446569072901471",
"length": 321.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-79980576"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"function": "btm_delete_stored_link_key_complete",
"file": "system/test/mock/mock_stack_btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "169374124789351054910390426051703354470",
"length": 78.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-9c2f117d"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"61104440036987013836437442728002713633",
"212480365180903595263967169120925441141",
"290654202196679177042715032227782482657",
"151691778852868897783357114273059004111"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-b797e441"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"file": "system/test/mock/mock_stack_btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"257705006674170288105204431726969833650",
"94298630825567353657321792482623911432",
"61925990775034003165231748046859349954",
"142711564351958968069842680173332944423"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-e0eb49ab"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"157935162887595837878156488262256160825",
"276760555319270639680179070830110401814",
"240996534110281433260094547482428014817",
"173276685202535898872685169339980353037",
"176789120198958218416293170902771064640",
"90690984741835290059486515496157992019",
"251427702170046719072007453278918090304"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-e86cf7d2"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b5e669088a0f35a1c572c7c5584aba5984201096",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
},
"deprecated": false,
"digest": {
"function_hash": "257010832042188423388289082366036976127",
"length": 2098.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-f5dbfb1e"
}
],
"types": [
"ID"
]
}
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c"
],
"spl": "2023-06-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"function": "btm_delete_stored_link_key_complete",
"file": "system/test/mock/mock_stack_btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "169374124789351054910390426051703354470",
"length": 78.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-01d5a1b7"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"file": "system/test/mock/mock_stack_btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"257705006674170288105204431726969833650",
"94298630825567353657321792482623911432",
"61925990775034003165231748046859349954",
"142711564351958968069842680173332944423"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-7151aecc"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"39834363574228249638723728818141329806",
"276760555319270639680179070830110401814",
"240996534110281433260094547482428014817",
"173276685202535898872685169339980353037",
"176789120198958218416293170902771064640",
"90690984741835290059486515496157992019",
"251427702170046719072007453278918090304"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-98b3ce98"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
},
"deprecated": false,
"digest": {
"function_hash": "235604982423465775564157247840940631481",
"length": 1979.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-aafafe1d"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
},
"deprecated": false,
"digest": {
"line_hashes": [
"61104440036987013836437442728002713633",
"212480365180903595263967169120925441141",
"290654202196679177042715032227782482657",
"151691778852868897783357114273059004111"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-b6c10920"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"file": "system/stack/include/dev_hci_link_interface.h"
},
"deprecated": false,
"digest": {
"line_hashes": [
"98965523080780723292383223051741451175",
"238562866666299813260050517692436726190",
"57171793699071419602598603781386282873",
"260570040915377613425087713965400794775"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "PUB-A-260568359-ba79fc41"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0ab9b9257ac12744acd55341a858efd41b48d30c",
"target": {
"function": "btm_delete_stored_link_key_complete",
"file": "system/stack/btm/btm_devctl.cc"
},
"deprecated": false,
"digest": {
"function_hash": "55099561426096689871163446569072901471",
"length": 321.0
},
"signature_type": "Function",
"id": "PUB-A-260568359-d9310ae7"
}
],
"types": [
"ID"
]
}