CVE-2023-20992

MEDIUM Year: 2023
CVSS v3 Score
4.5
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568750

Related Vulnerabilities

CVE-2020-0281

MEDIUM
CVSS:4.5(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction...

CWE-1252020

CVE-2020-0282

MEDIUM
CVSS:4.5(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction...

CWE-1252020

CVE-2021-0996

MEDIUM
CVSS:4.5(Medium)

In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privilege...

CWE-1252021

CVE-2023-20987

MEDIUM
CVSS:4.5(Medium)

In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execut...

CWE-1252023

CVE-2023-20988

MEDIUM
CVSS:4.5(Medium)

In btm_read_rssi_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execu...

CWE-1252023

CVE-2023-21195

MEDIUM
CVSS:4.5(Medium)

In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the ...

CWE-1252023