78 matches found
CVE-2023-21188
In btmbleupdateinqresult of btmblegap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2023-21202
In btmdeletestoredlinkkeycomplete of btmdevctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from a possible out-of-bounds read due to a lack of bounds checking in btmdevctl.cc's btmdeletestoredlinkkeycomplete, which could lead to the disclosure of local informatio...
Google Pixel 安全漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that originates in btmaclencryptchange in btmacl.cc, which could lead to the disclosure of local information as the remote device can be encrypted with encryption turned off an...
Google Pixel 缓冲区错误漏洞
Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from a possible out-of-bounds read due to a heap buffer overflow in btmblegap.cc's btmbleupdateinqresult, which could lead to a local information disclosure...
PT-2023-17985 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to an incorrect bounds check in the btm acl process sca cmpl pkt function of btm acl.cc, which could lead to a possible out of bounds read. This might result in remote information...
CVE-2023-21130
In btmbleperiodicadvsynclost of btmblegap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID...
PT-2023-17907 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-12L Description: The issue is related to improperly used crypto in the btm sec encrypt change function of btm sec.cc. This could lead to a paired device escalation of privilege with no additional...
ASB-A-258834033
In btmsecencryptchange of btmsec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-20983
In btmblerandenccomplete of btmble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
CVE-2023-20986
In btmbleclearresolvinglistcompletecomplete of btmbleprivacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20972
In btmvendorspecificevt of btmdevctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...
Out-of-bounds
In btmbleprocessperiodicadvsynclostevt of blescannerhciinterface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:...
PT-2023-17760 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In the btm vendor specific evt function of btm devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution...
PT-2023-17779 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm ble rand enc complete function of btm ble.cc due to a missing bounds check. This could lead to local information disclosure, requiring...
PT-2023-17761 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm create conn cancel complete function of btm sec.cc due to a missing bounds check. This could lead to local information disclosure,...
PT-2023-17765 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm ble read remote features complete function of btm ble gap.cc due to improper input validation. This could lead to local information...
PT-2023-17774 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible out of bounds read in the btm ble clear resolving list complete function of btm ble privacy.cc due to a missing bounds check. This could lead to local information...
CVE-2023-20986
In btmbleclearresolvinglistcompletecomplete of btmbleprivacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2022-33284
Information disclosure due to buffer over-read in WLAN while parsing BTM action frame...