PUB-A-260568367
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-260568367.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-260568367
- Aliases
-
- A-260568367
- CVE-2023-20989
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2024-11-06T12:16:03.231308Z
- Summary
- [none]
- Details
-
In btmblewriteadvenablecomplete of btmble_gap.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"vanir_signatures": [
{
"match_only_versions": [
"13-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"166600489234414927719803542116416152193",
"291053107770608538701183037602824340574",
"301679025544903014566559251547306239965",
"247437574063457486823045746346903062022"
]
},
"id": "PUB-A-260568367-1e1073e0",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/test/mock/mock_stack_btm_ble_gap.cc"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"17821528429914078605326521975597115348",
"182542015634816505864676955174756430311",
"215603146856888871879870246401244182076",
"177441206742780684831068774883787682857",
"252067795639948791246501240899791737952",
"160022688364382390894069908128400789902"
]
},
"id": "PUB-A-260568367-22106124",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/stack/btm/btm_ble_gap.cc"
},
"signature_type": "Line"
},
{
"digest": {
"length": 2154.0,
"function_hash": "75218390152038561042437374292527415286"
},
"id": "PUB-A-260568367-44558b6b",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/stack/btu/btu_hcif.cc",
"function": "btu_hcif_hdl_command_complete"
},
"signature_type": "Function"
},
{
"match_only_versions": [
"13-next"
],
"digest": {
"length": 156.0,
"function_hash": "60234447814670367646965507424016961150"
},
"id": "PUB-A-260568367-4f7a0b8f",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/stack/btm/btm_ble_gap.cc",
"function": "btm_ble_write_adv_enable_complete"
},
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"247225448945770413834114022057397005061",
"284014206505004169611653158373638260173",
"95526860695457897301937684495200759154",
"120411400990972863824583791518870048001"
]
},
"id": "PUB-A-260568367-61513c70",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
},
"signature_type": "Line"
},
{
"match_only_versions": [
"13-next"
],
"digest": {
"threshold": 0.9,
"line_hashes": [
"188679613354953956492097503756284233815",
"298775416198561212439457222143063378775",
"155473432610297448654203097183676318276",
"288249473609885857912892301994324680310"
]
},
"id": "PUB-A-260568367-c9e2190e",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "system/stack/include/ble_hci_link_interface.h"
},
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3a9bc45e212a58ce93cdf39a955324a28144ec32"
],
"spl": "2023-06-01",
"severity": "Moderate",
"types": [
"ID"
]
}