2 matches found
CVE-2020-0377
In gattprocessreadbytypersp of gattcl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0377
CVE-2020-0377 targets Android Bluetooth stack: in gatt_process_read_by_type_rsp of gatt_cl.cc, a missing bounds check allows an out-of-bounds read, enabling remote information disclosure on Bluetooth servers without extra privileges. Affected: Android 8.0–11 (Android-8.0, 8.1, 9, 10, 11) per the ...