Google Android elevation of privilege vulnerability (CNVD-2024-07127)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to the disclosure of side-channel information in the BTMble.cc script BTMBleVerifySignature, which can be exploited by an attacker to gain elevated...

CVE-2023-40090

What’s affected: Google Android platform vulnerability CVE-2023-40090 in the Bluetooth stack, specifically BTM_BleVerifySignature in btm_ble.cc. The issue is described as bypassing signature validation via side-channel information disclosure, enabling remote escalation of privilege with no additi...

CVE-2023-20990

In btmblerandenccomplete of btmble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

Out-of-bounds

In btmblerandenccomplete of btmble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...