PUB-A-261857395

See a problem?
Import Source
https://storage.googleapis.com/android-osv/PUB-A-261857395.json
JSON Data
https://api.osv.dev/v1/vulns/PUB-A-261857395
Aliases
Published
2023-06-01T00:00:00Z
Modified
2026-04-17T15:55:28.020024Z
Summary
[none]
Details

In btmblebatchscanfiltertrackadvvsecback of btmble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/Bluetooth

Package

Name
platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13-next:0
Fixed
13-next:2023-06-01

Affected versions

Other
13-next

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "16276308536838048564391588226339405023",
                    "314948712574164808921584153306691502403",
                    "113754413290692655177263548935868418351",
                    "132986881310027458669326471364970709590",
                    "310858726269934895533229492769116261693",
                    "102172718869360331833212396559600731618",
                    "279415039534860672404687007059789050476",
                    "131146324542424074192979982911708370719",
                    "272008996873394428805330809523762299906",
                    "23097328352997370459884919771444815053",
                    "1056514552567377713410099963957207258",
                    "210808304601870682230728949717801520707",
                    "47061259919034927765025885382840062594",
                    "40011571491480450110481739262622879286",
                    "103908216389789488639376834295949441336",
                    "269424099109402562172354619729860063141",
                    "58139409375986743851710985028777972298",
                    "148373393162882033973257156371622415117",
                    "52672578180042948831948626064784968340",
                    "40583038587652380039640689117943432468",
                    "42654043377197860962981240438897896707",
                    "178427242276170347809238043195937465563",
                    "314286285522645166274438116751300110704",
                    "14085346397466094487897505559215469942",
                    "83946472440612095981748132393743154801",
                    "22719246637737542001868175346762326255",
                    "225746277784383360638876631265169815211",
                    "202602873096280078119841019691178628415",
                    "129845301900870639488307551200080716793",
                    "240197643972712936190462010741701938194",
                    "229036865155130366305770548188093406766",
                    "280018579687411336514844752302229018378",
                    "236137458355347890361215743344639874313",
                    "327794514350218014445433929916315867216",
                    "78564406537967353718264773274274478338",
                    "94384269470022003985666208508997847952",
                    "124322963261821670672685189337361041229",
                    "39102702791275731539284395096602433815",
                    "297063676588634458477586866891214892886",
                    "280213876813813338804356004165804294579",
                    "109412383185133777684554500299883890901",
                    "199663428102754125596052461157338815312",
                    "58983557586720109538434654743371121418",
                    "160882060770664606581495109306316018989"
                ]
            },
            "id": "PUB-A-261857395-a383beae",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16",
            "target": {
                "file": "system/stack/btm/btm_ble_batchscan.cc"
            }
        },
        {
            "digest": {
                "length": 2058.0,
                "function_hash": "308852664891405002207167474436655693499"
            },
            "id": "PUB-A-261857395-b6b23856",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16",
            "target": {
                "function": "btm_ble_batchscan_filter_track_adv_vse_cback",
                "file": "system/stack/btm/btm_ble_batchscan.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/PUB-A-261857395.json"

Android / platform/packages/modules/Bluetooth

Package

Name
platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-06-01

Affected versions

Other
13

Ecosystem specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "16276308536838048564391588226339405023",
                    "314948712574164808921584153306691502403",
                    "113754413290692655177263548935868418351",
                    "132986881310027458669326471364970709590",
                    "310858726269934895533229492769116261693",
                    "102172718869360331833212396559600731618",
                    "279415039534860672404687007059789050476",
                    "131146324542424074192979982911708370719",
                    "272008996873394428805330809523762299906",
                    "23097328352997370459884919771444815053",
                    "1056514552567377713410099963957207258",
                    "210808304601870682230728949717801520707",
                    "47061259919034927765025885382840062594",
                    "40011571491480450110481739262622879286",
                    "103908216389789488639376834295949441336",
                    "269424099109402562172354619729860063141",
                    "58139409375986743851710985028777972298",
                    "148373393162882033973257156371622415117",
                    "52672578180042948831948626064784968340",
                    "40583038587652380039640689117943432468",
                    "42654043377197860962981240438897896707",
                    "178427242276170347809238043195937465563",
                    "314286285522645166274438116751300110704",
                    "14085346397466094487897505559215469942",
                    "83946472440612095981748132393743154801",
                    "22719246637737542001868175346762326255",
                    "225746277784383360638876631265169815211",
                    "202602873096280078119841019691178628415",
                    "129845301900870639488307551200080716793",
                    "240197643972712936190462010741701938194",
                    "229036865155130366305770548188093406766",
                    "280018579687411336514844752302229018378",
                    "236137458355347890361215743344639874313",
                    "327794514350218014445433929916315867216",
                    "78564406537967353718264773274274478338",
                    "94384269470022003985666208508997847952",
                    "124322963261821670672685189337361041229",
                    "39102702791275731539284395096602433815",
                    "297063676588634458477586866891214892886",
                    "280213876813813338804356004165804294579",
                    "109412383185133777684554500299883890901",
                    "199663428102754125596052461157338815312",
                    "58983557586720109538434654743371121418",
                    "160882060770664606581495109306316018989"
                ]
            },
            "id": "PUB-A-261857395-5682af1d",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Line",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16",
            "target": {
                "file": "system/stack/btm/btm_ble_batchscan.cc"
            }
        },
        {
            "digest": {
                "length": 2058.0,
                "function_hash": "308852664891405002207167474436655693499"
            },
            "id": "PUB-A-261857395-6112b1ec",
            "deprecated": false,
            "signature_version": "v1",
            "signature_type": "Function",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16",
            "target": {
                "function": "btm_ble_batchscan_filter_track_adv_vse_cback",
                "file": "system/stack/btm/btm_ble_batchscan.cc"
            }
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"
    ],
    "types": [
        "ID"
    ],
    "spl": "2023-06-01",
    "severity": "Moderate"
}

Database specific

source 
"https://storage.googleapis.com/android-osv/PUB-A-261857395.json"