In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "match_only_versions": [ "13-next" ], "digest": { "threshold": 0.9, "line_hashes": [ "16276308536838048564391588226339405023", "314948712574164808921584153306691502403", "113754413290692655177263548935868418351", "132986881310027458669326471364970709590", "310858726269934895533229492769116261693", "102172718869360331833212396559600731618", "279415039534860672404687007059789050476", "131146324542424074192979982911708370719", "272008996873394428805330809523762299906", "23097328352997370459884919771444815053", "1056514552567377713410099963957207258", "210808304601870682230728949717801520707", "47061259919034927765025885382840062594", "40011571491480450110481739262622879286", "103908216389789488639376834295949441336", "269424099109402562172354619729860063141", "58139409375986743851710985028777972298", "148373393162882033973257156371622415117", "52672578180042948831948626064784968340", "40583038587652380039640689117943432468", "42654043377197860962981240438897896707", "178427242276170347809238043195937465563", "314286285522645166274438116751300110704", "14085346397466094487897505559215469942", "83946472440612095981748132393743154801", "22719246637737542001868175346762326255", "225746277784383360638876631265169815211", "202602873096280078119841019691178628415", "129845301900870639488307551200080716793", "240197643972712936190462010741701938194", "229036865155130366305770548188093406766", "280018579687411336514844752302229018378", "236137458355347890361215743344639874313", "327794514350218014445433929916315867216", "78564406537967353718264773274274478338", "94384269470022003985666208508997847952", "124322963261821670672685189337361041229", "39102702791275731539284395096602433815", "297063676588634458477586866891214892886", "280213876813813338804356004165804294579", "109412383185133777684554500299883890901", "199663428102754125596052461157338815312", "58983557586720109538434654743371121418", "160882060770664606581495109306316018989" ] }, "id": 
"PUB-A-261857395-a383beae", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/btm/btm_ble_batchscan.cc" }, "signature_type": "Line" }, { "match_only_versions": [ "13-next" ], "digest": { "length": 2058.0, "function_hash": "308852664891405002207167474436655693499" }, "id": "PUB-A-261857395-b6b23856", "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "deprecated": false, "signature_version": "v1", "target": { "file": "system/stack/btm/btm_ble_batchscan.cc", "function": "btm_ble_batchscan_filter_track_adv_vse_cback" }, "signature_type": "Function" } ], "fixes": [ "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16" ], "spl": "2023-06-01", "severity": "Moderate", "types": [ "ID" ] }