Race condition
In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11 Android-9...
CVE-2021-0476
CVE-2021-0476 describes a local elevation-of-privilege vulnerability due to a race condition causing a use-after-free in FindOrCreatePeer (btif_av.cc). Affected: Android 11, 10, 9. Exploitation requires local access with no user interaction; impact is escalation to a privileged context with high ...
CVE-2019-2227
In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9...
CVE-2019-2227
CVE-2019-2227 affects Android devices via a DeepCopy bug in btif_av.cc that can trigger an out-of-bounds read, enabling remote information disclosure over Bluetooth without user interaction. The entry covers Android 9 and 10, with impact described as information disclosure (confidentiality) and a...