2 matches found
CVE-2023-40129
In buildreadmultirsp of gattsr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40129
CVE-2023-40129 describes a heap-based out-of-bounds write in the Bluetooth stack (build_read_multi_rsp in gatt_sr.cc) that enables remote code execution with no user interaction. The NVD entry and Android security documentation indicate an adjacent attack vector with high impact and a base CVSS v...