PUB-A-260569414
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-260569414.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-260569414
- Aliases
-
- A-260569414
- CVE-2023-20987
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2025-11-14T16:44:49.782125Z
- Summary
- [none]
- Details
-
In btmreadlinkqualitycomplete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"spl": "2023-06-01",
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"deprecated": false,
"id": "PUB-A-260569414-1c182f8a",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
},
"signature_type": "Function",
"digest": {
"function_hash": "257010832042188423388289082366036976127",
"length": 2098.0
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-4d4f56ef",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"file": "system/test/mock/mock_stack_acl.h"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"52116404827614007151071091054273483575",
"122972298153767091530435878762563077667",
"183408494215482797936438753177613973126",
"32534141852560561561850178185345777794",
"289391957737813965130583170121220501047"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-73283b3a",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"file": "system/stack/include/acl_hci_link_interface.h"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"55182960640022639623395153225950417955",
"46099568425112779672466094050365893886",
"112197470410354489338308378631297990969",
"215543892229333305585700143401042194912"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-9b6ca41a",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"file": "system/stack/acl/btm_acl.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"197432015785403291847734253690045575494",
"323152554376691415748760968604280470357",
"292216493079576454879557204924062080927",
"58496750829651245331455553975651463451",
"136160097665787967212055253602751722109",
"143940094458384570757417831579366600257",
"139919327322787380434238767749485507847",
"315534102493692615796251486261400506505",
"185291788149507247207224578901852571063",
"123376658773146610982678383797843484827",
"65279960081443146915166989295711790647",
"120511234688123102451865881422683364256",
"46711727194567930028805879782966910552",
"139073922511987929229117775904002790924",
"263341014086865056344073849104983122739",
"29077767848653852789548673691114032625"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-ad07f9b0",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"function": "btm_read_link_quality_complete",
"file": "system/stack/acl/btm_acl.cc"
},
"signature_type": "Function",
"digest": {
"function_hash": "302795191495329341646750928303156994215",
"length": 774.0
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-cbc9d9ec",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"67623452993050920459062686127892814440",
"158941216599183211904720826236231977225",
"272100409675608664361666758493877008226",
"107026769148702083207167741945240330927"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-e4570623",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8ed958ed40fa84fd0e2f4c2ad6c49dad6e994d2d",
"signature_version": "v1",
"target": {
"file": "system/test/mock/mock_stack_acl.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"168468718710308343939600118711604089041",
"141214466061481631426945562988365872240",
"153768791542116689872044486823226593398",
"52662068341782220093324479474909256787",
"34833108719324824323299618687064594604",
"147382389546521545526045556728452663205"
]
}
}
]
}
Android / platform/packages/modules/Bluetooth
Package
Ecosystem specific
{
"spl": "2023-06-01",
"severity": "Moderate",
"fixes": [
"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839"
],
"types": [
"ID"
],
"vanir_signatures": [
{
"deprecated": false,
"id": "PUB-A-260569414-0c673ddb",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"file": "system/stack/acl/btm_acl.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"197432015785403291847734253690045575494",
"323152554376691415748760968604280470357",
"292216493079576454879557204924062080927",
"58496750829651245331455553975651463451",
"136160097665787967212055253602751722109",
"143940094458384570757417831579366600257",
"139919327322787380434238767749485507847",
"315534102493692615796251486261400506505",
"185291788149507247207224578901852571063",
"123376658773146610982678383797843484827",
"65279960081443146915166989295711790647",
"120511234688123102451865881422683364256",
"46711727194567930028805879782966910552",
"139073922511987929229117775904002790924",
"263341014086865056344073849104983122739",
"29077767848653852789548673691114032625"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-10a77e22",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"file": "system/stack/btu/btu_hcif.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"67623452993050920459062686127892814440",
"158941216599183211904720826236231977225",
"272100409675608664361666758493877008226",
"107026769148702083207167741945240330927"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-1945d0f0",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"file": "system/test/mock/mock_stack_acl.h"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"52116404827614007151071091054273483575",
"122972298153767091530435878762563077667",
"183408494215482797936438753177613973126",
"32534141852560561561850178185345777794",
"289391957737813965130583170121220501047"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-21d53239",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"function": "btu_hcif_hdl_command_complete",
"file": "system/stack/btu/btu_hcif.cc"
},
"signature_type": "Function",
"digest": {
"function_hash": "235604982423465775564157247840940631481",
"length": 1979.0
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-288e47cc",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"function": "btm_read_link_quality_complete",
"file": "system/stack/acl/btm_acl.cc"
},
"signature_type": "Function",
"digest": {
"function_hash": "302795191495329341646750928303156994215",
"length": 774.0
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-5bd57951",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"file": "system/stack/include/acl_hci_link_interface.h"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"55182960640022639623395153225950417955",
"46099568425112779672466094050365893886",
"112197470410354489338308378631297990969",
"215543892229333305585700143401042194912"
]
}
},
{
"deprecated": false,
"id": "PUB-A-260569414-9cf09674",
"source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b2c6806c9458b6e599d29fd327584ce0afd83839",
"signature_version": "v1",
"target": {
"file": "system/test/mock/mock_stack_acl.cc"
},
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"168468718710308343939600118711604089041",
"141214466061481631426945562988365872240",
"153768791542116689872044486823226593398",
"52662068341782220093324479474909256787",
"34833108719324824323299618687064594604",
"147382389546521545526045556728452663205"
]
}
}
]
}