PUB-A-260569232

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-260569232.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-260569232

Aliases

A-260569232
CVE-2023-20988

Published

2023-06-01T00:00:00Z

Modified

2026-01-02T16:32:47.762346Z

Summary

[none]

Details

In btmreadrssicomplete of btmacl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

References

https://source.android.com/security/bulletin/2023-06-01

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name: platform/packages/modules/Bluetooth

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13-next:0

Fixed

13-next:2023-06-01

Affected versions

Other

13-next

Ecosystem specific

{
    "types": [
        "ID"
    ],
    "severity": "Moderate",
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457"
    ],
    "vanir_signatures": [
        {
            "digest": {
                "line_hashes": [
                    "311578197968301028134573210825374615266",
                    "265881736050624714355901081537512354537",
                    "74443917033663519550339224458227937844",
                    "81742885815576086254100432531282752170",
                    "330053862969630390965085836431729529475",
                    "287733402694503317251094280069527117863"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-260569232-0813610f",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/test/mock/mock_stack_acl.cc"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "138125427901339580302952367125486016373",
                    "320736158018077789100349982988843194886",
                    "269052577551831788025197968923463442775",
                    "135225644450426590353509486425528272435",
                    "16616591723888463259127543194950043040",
                    "244598418960487359266723191122422924713",
                    "157658734843779110308837609009177753354",
                    "153797605762092680854531969464550076917",
                    "200779085590182961026366172796486925928",
                    "31746011978801868876531978876288204346",
                    "212997750747018909454817884390104834704",
                    "27167995409021016825158748837172709863",
                    "325804095733766403345532781550986031724",
                    "139073922511987929229117775904002790924",
                    "35826460606426767571478689731104872286",
                    "121797743903160724150645179947434212019"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-260569232-0ad5f032",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/stack/acl/btm_acl.cc"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "107026769148702083207167741945240330927",
                    "228673577819299287550072101103746896751",
                    "193639719222391591746058250215909159117",
                    "12452903086819772231557207175095475200"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-260569232-41ee48e2",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "function_hash": "44960872907465607661369657220580645716",
                "length": 716.0
            },
            "id": "PUB-A-260569232-889132be",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "btm_read_rssi_complete",
                "file": "system/stack/acl/btm_acl.cc"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "235381771257151499727512579386307465273",
                    "235935762616378040010189086651665803154",
                    "69052446380987595538661588043517367970",
                    "312793047200382015914327910996789548544",
                    "286569114496680524630555567758174149417"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-260569232-996acd86",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/test/mock/mock_stack_acl.h"
            }
        },
        {
            "digest": {
                "function_hash": "261203218373239976902102156613081274077",
                "length": 2122.0
            },
            "id": "PUB-A-260569232-e25f679d",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "btu_hcif_hdl_command_complete",
                "file": "system/stack/btu/btu_hcif.cc"
            }
        },
        {
            "digest": {
                "line_hashes": [
                    "249371214034219007812752909297065418085",
                    "141431870736205574733528765217243745418",
                    "83533393859279938150547325702230630889",
                    "60394266117852349277768360141890979780"
                ],
                "threshold": 0.9
            },
            "id": "PUB-A-260569232-fd0c740d",
            "deprecated": false,
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/881f9786b277e20ab60e01f4ae5fc64be4798457",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "system/stack/include/acl_hci_link_interface.h"
            }
        }
    ],
    "spl": "2023-06-01"
}