ASB-A-275553827

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-275553827.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-275553827
Aliases
  • A-275553827
  • CVE-2023-45781
Published
2023-12-01T00:00:00Z
Modified
2024-08-07T19:30:16.634117Z
Summary
Potential oob read due to missing bounds check in BleAdvertiserInterfaceImpl::SetPeriodicAdvertisingData() of bluetooth stack
Details

In parsegapdata of utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14-next:0
Fixed
14-next:2023-12-01

Affected versions

Other

14-next

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "94492107463880845494632701234549649063",
                    "219830136190913636729478047609910036608",
                    "101897737696546019163149886722561118805"
                ]
            },
            "id": "ASB-A-275553827-9e38bf96",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/428cb27ba2c29efebf21ae7309de999349e41e59",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/shim/utils.cc"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "231285743042819527232815121969746658811",
                    "314854467415786985514633660608332205329",
                    "325128250012017582601833078253691077675",
                    "46339971001547406943666543058211388831",
                    "87946779555236522802848687793823014147",
                    "250168972178575959516637437839069314440",
                    "92125409456380547949533697018235160899",
                    "296707522572604186880950123823137627867",
                    "271464843085239885509027805553597455167",
                    "270408727807252724130556661340138872768",
                    "38936639570551431415311947064877694572",
                    "286015399479579306295642811303949825040",
                    "270670441872248262503158621476552009600"
                ]
            },
            "id": "ASB-A-275553827-f07eabaf",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/79853094dfcdeef0926de7a8dc9de351f376c2ae",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/test/main_shim_test.cc"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/428cb27ba2c29efebf21ae7309de999349e41e59",
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/79853094dfcdeef0926de7a8dc9de351f376c2ae"
    ],
    "spl": "2023-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
13:0
Fixed
13:2023-12-01

Affected versions

Other

13

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "94492107463880845494632701234549649063",
                    "219830136190913636729478047609910036608",
                    "101897737696546019163149886722561118805"
                ]
            },
            "id": "ASB-A-275553827-322d77d3",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0d7e3d8fd96389f1435b76f37064c69ae61df6e7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/shim/utils.cc"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327030814206801705568272272769282681619",
                    "63430347468471150713515859604247426098",
                    "177256749668879946052420909025845541815",
                    "336197696887300612500368321906949197612",
                    "7023700378683805812284150193322491590",
                    "308303091709784860238294796470831729104",
                    "41512814911782697727944906428374281791",
                    "199387380422746987521581375860556133430",
                    "7632747715536282341483595823909906742",
                    "202619291341572627107073682322068216357",
                    "62195831614701415041771759049808627117",
                    "97919998536875352392029519152349146153",
                    "12297857046202230276255023980475399806",
                    "208154556157904693327480208086525076786",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "136905009886550813916793569406110183113",
                    "48498044739532262115399883859101076703",
                    "195963111916188445980702023130362482820",
                    "7503896443939025191268852271883173355",
                    "333838438213893871047942985875155502485",
                    "53323826977513092617023153969495990045",
                    "300200316976278890986727844059786657854",
                    "142112062768447869696848490183429774185",
                    "114351683731824353012057724171070501426",
                    "179885338287401921209099744648410173255",
                    "231271339395236699233156642261248713321",
                    "87011140378884024832450806605300765815",
                    "222875774709497932288959647272322530084",
                    "194248068024723552801178691308350105589",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "137874232931650809884862994852159688952",
                    "110344851887699135959495744245825885348",
                    "282462036378166365311954410334800761457",
                    "171806565438092750156948441982105719743",
                    "84922748809458427040143875514462493696",
                    "220013106416718762740811924093138491460",
                    "53012940070871241559500975541730766259",
                    "248075789983493611437484074712754285714",
                    "195170496055021341851948570771874027076",
                    "145747691794017324630534698081937684842",
                    "287829149225245632498320581521470617748",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "184058416467515285074500643470852100397",
                    "11312957429067828938714584860195367066",
                    "276894915555647605685622676540224736874",
                    "42785868077123474838636279151265630823",
                    "72513822806641628117224417398036820670",
                    "186234912531032673129663105938493433471",
                    "105608306756077133932567116680832400169",
                    "67435769909622897760530230000499879021",
                    "226660827351024211240712702712333600652",
                    "179885338287401921209099744648410173255",
                    "231271339395236699233156642261248713321",
                    "87011140378884024832450806605300765815",
                    "222875774709497932288959647272322530084",
                    "194248068024723552801178691308350105589",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "137874232931650809884862994852159688952",
                    "110344851887699135959495744245825885348",
                    "282462036378166365311954410334800761457",
                    "171806565438092750156948441982105719743",
                    "84922748809458427040143875514462493696",
                    "220013106416718762740811924093138491460",
                    "53012940070871241559500975541730766259",
                    "248075789983493611437484074712754285714",
                    "195170496055021341851948570771874027076",
                    "145747691794017324630534698081937684842",
                    "287829149225245632498320581521470617748",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "184058416467515285074500643470852100397",
                    "11312957429067828938714584860195367066",
                    "276894915555647605685622676540224736874",
                    "106518900895324694844665447203175484292",
                    "288978180414142429948161068769838942054",
                    "164778510989618703556859890736117184859",
                    "118564552016172004767829688582877697772",
                    "339652880101019891055328579994454785208",
                    "70437021873498351622086013709202456940",
                    "107714416470071686635836016530811681693",
                    "34403370605866031276955811998812699801",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "133524430120598428085049793222350931201",
                    "2909876513560324574045957906883453653",
                    "323449947549700267819150660898366968383",
                    "116120424922529393016289337447216343419",
                    "194571551759215515077045469144481895474",
                    "2841271255674981141202844246851505929",
                    "250439990667004072432566205637140737535",
                    "41512814911782697727944906428374281791",
                    "199387380422746987521581375860556133430",
                    "7632747715536282341483595823909906742",
                    "202619291341572627107073682322068216357",
                    "62195831614701415041771759049808627117",
                    "97919998536875352392029519152349146153",
                    "12297857046202230276255023980475399806",
                    "208154556157904693327480208086525076786",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "136905009886550813916793569406110183113",
                    "48498044739532262115399883859101076703",
                    "195963111916188445980702023130362482820",
                    "90853632764648871983122763764275730192",
                    "27495365281271043021741109635259802492",
                    "251858724020138031226931019238982389657"
                ]
            },
            "id": "ASB-A-275553827-ac17a9fb",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/08690d66322386d506818b298ad067622d4d5686",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/shim/le_advertising_manager.cc"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/08690d66322386d506818b298ad067622d4d5686",
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0d7e3d8fd96389f1435b76f37064c69ae61df6e7"
    ],
    "spl": "2023-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}

Android / platform/packages/modules/Bluetooth

Affected ranges

Type
ECOSYSTEM
Events
Introduced
14:0
Fixed
14:2023-12-01

Affected versions

Other

14

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "94492107463880845494632701234549649063",
                    "219830136190913636729478047609910036608",
                    "101897737696546019163149886722561118805"
                ]
            },
            "id": "ASB-A-275553827-37a43a2e",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0d7e3d8fd96389f1435b76f37064c69ae61df6e7",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/shim/utils.cc"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "327030814206801705568272272769282681619",
                    "175286634798090721780131092849257972576",
                    "177256749668879946052420909025845541815",
                    "336197696887300612500368321906949197612",
                    "7023700378683805812284150193322491590",
                    "308303091709784860238294796470831729104",
                    "41512814911782697727944906428374281791",
                    "199387380422746987521581375860556133430",
                    "7632747715536282341483595823909906742",
                    "202619291341572627107073682322068216357",
                    "62195831614701415041771759049808627117",
                    "97919998536875352392029519152349146153",
                    "12297857046202230276255023980475399806",
                    "208154556157904693327480208086525076786",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "136905009886550813916793569406110183113",
                    "48498044739532262115399883859101076703",
                    "195963111916188445980702023130362482820",
                    "7503896443939025191268852271883173355",
                    "333838438213893871047942985875155502485",
                    "53323826977513092617023153969495990045",
                    "244685888971144799651715868048584096969",
                    "6508833554770891203761759664756552594",
                    "114351683731824353012057724171070501426",
                    "179885338287401921209099744648410173255",
                    "231271339395236699233156642261248713321",
                    "87011140378884024832450806605300765815",
                    "222875774709497932288959647272322530084",
                    "194248068024723552801178691308350105589",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "137874232931650809884862994852159688952",
                    "110344851887699135959495744245825885348",
                    "282462036378166365311954410334800761457",
                    "171806565438092750156948441982105719743",
                    "84922748809458427040143875514462493696",
                    "220013106416718762740811924093138491460",
                    "53012940070871241559500975541730766259",
                    "248075789983493611437484074712754285714",
                    "195170496055021341851948570771874027076",
                    "145747691794017324630534698081937684842",
                    "287829149225245632498320581521470617748",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "184058416467515285074500643470852100397",
                    "11312957429067828938714584860195367066",
                    "276894915555647605685622676540224736874",
                    "42785868077123474838636279151265630823",
                    "72513822806641628117224417398036820670",
                    "186234912531032673129663105938493433471",
                    "220828059941716786204028169500045147600",
                    "272020238239823242554741085294198253450",
                    "223125789438979949749947465009380999985",
                    "179885338287401921209099744648410173255",
                    "231271339395236699233156642261248713321",
                    "87011140378884024832450806605300765815",
                    "222875774709497932288959647272322530084",
                    "194248068024723552801178691308350105589",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "137874232931650809884862994852159688952",
                    "110344851887699135959495744245825885348",
                    "282462036378166365311954410334800761457",
                    "171806565438092750156948441982105719743",
                    "84922748809458427040143875514462493696",
                    "220013106416718762740811924093138491460",
                    "53012940070871241559500975541730766259",
                    "248075789983493611437484074712754285714",
                    "195170496055021341851948570771874027076",
                    "145747691794017324630534698081937684842",
                    "287829149225245632498320581521470617748",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "184058416467515285074500643470852100397",
                    "11312957429067828938714584860195367066",
                    "276894915555647605685622676540224736874",
                    "106518900895324694844665447203175484292",
                    "288978180414142429948161068769838942054",
                    "164778510989618703556859890736117184859",
                    "118564552016172004767829688582877697772",
                    "339652880101019891055328579994454785208",
                    "70437021873498351622086013709202456940",
                    "107714416470071686635836016530811681693",
                    "34403370605866031276955811998812699801",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "133524430120598428085049793222350931201",
                    "2909876513560324574045957906883453653",
                    "323449947549700267819150660898366968383",
                    "244676824018729440018550104120948676520",
                    "210627435469000668971619946167660641536",
                    "49773732802672172907798937317186562633",
                    "250439990667004072432566205637140737535",
                    "41512814911782697727944906428374281791",
                    "199387380422746987521581375860556133430",
                    "7632747715536282341483595823909906742",
                    "202619291341572627107073682322068216357",
                    "62195831614701415041771759049808627117",
                    "97919998536875352392029519152349146153",
                    "12297857046202230276255023980475399806",
                    "208154556157904693327480208086525076786",
                    "37621158382105833733164706378643694169",
                    "203689988850667646356688232159993179900",
                    "136905009886550813916793569406110183113",
                    "48498044739532262115399883859101076703",
                    "195963111916188445980702023130362482820",
                    "90853632764648871983122763764275730192",
                    "27495365281271043021741109635259802492",
                    "251858724020138031226931019238982389657"
                ]
            },
            "id": "ASB-A-275553827-4ff1c8ed",
            "source": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5b0977e64527539360b96649fd9a03078ba2de6f",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "system/main/shim/le_advertising_manager.cc"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5b0977e64527539360b96649fd9a03078ba2de6f",
        "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/0d7e3d8fd96389f1435b76f37064c69ae61df6e7"
    ],
    "spl": "2023-12-01",
    "severity": "High",
    "types": [
        "ID"
    ]
}