In avrcmsgcback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "25691793736011755144675238646456011203", "213051613258159687891157273033913211463", "199865173318442732021864401992381161092", "181915817969334015180679003080769794327" ] }, "id": "ASB-A-174149901-64fa8f9c", "source": "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034", "deprecated": false, "signature_version": "v1", "target": { "file": "stack/avrc/avrc_api.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034" ], "spl": "2021-04-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "25691793736011755144675238646456011203", "213051613258159687891157273033913211463", "199865173318442732021864401992381161092", "181915817969334015180679003080769794327" ] }, "id": "ASB-A-174149901-549da8fa", "source": "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034", "deprecated": false, "signature_version": "v1", "target": { "file": "stack/avrc/avrc_api.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034" ], "spl": "2021-04-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "25691793736011755144675238646456011203", "213051613258159687891157273033913211463", "199865173318442732021864401992381161092", "181915817969334015180679003080769794327" ] }, "id": "ASB-A-174149901-20a3c35f", "source": "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034", "deprecated": false, "signature_version": "v1", "target": { "file": "stack/avrc/avrc_api.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034" ], "spl": "2021-04-01", "severity": "High", "types": [ "ID" ] }
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "25691793736011755144675238646456011203", "213051613258159687891157273033913211463", "199865173318442732021864401992381161092", "181915817969334015180679003080769794327" ] }, "id": "ASB-A-174149901-a14946a2", "source": "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034", "deprecated": false, "signature_version": "v1", "target": { "file": "stack/avrc/avrc_api.cc" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034" ], "spl": "2021-04-01", "severity": "High", "types": [ "ID" ] }