CVE-2022-20221
CVE-2022-20221 affects Android devices with a vulnerability in avrc_ctrl_pars_vendor_cmd (avrc_pars_ct.cc) where improper input validation can cause an out-of-bounds read, enabling remote information disclosure over Bluetooth without extra privileges. The issue resides in the Bluetooth AVRCP pars...