5 matches found
Google Android elevation of privilege vulnerability (CNVD-2024-07127)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to the disclosure of side-channel information in the BTMble.cc script BTMBleVerifySignature, which can be exploited by an attacker to gain elevated...
CVE-2023-40090
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Design/Logic Flaw
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40090
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40090
What’s affected: Google Android platform vulnerability CVE-2023-40090 in the Bluetooth stack, specifically BTM_BleVerifySignature in btm_ble.cc. The issue is described as bypassing signature validation via side-channel information disclosure, enabling remote escalation of privilege with no additi...