CVE-2023-21195

MEDIUM Year: 2023
CVSS v3 Score
4.5
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In btm_ble_periodic_adv_sync_tx_rcvd of btm_ble_gap.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth, if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233879420

Related Vulnerabilities

CVE-2020-0281

MEDIUM
CVSS:4.5(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction...

CWE-1252020

CVE-2020-0282

MEDIUM
CVSS:4.5(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure. System execution privileges, a Firmware compromise, and User interaction...

CWE-1252020

CVE-2021-0996

MEDIUM
CVSS:4.5(Medium)

In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privilege...

CWE-1252021

CVE-2023-20987

MEDIUM
CVSS:4.5(Medium)

In btm_read_link_quality_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over Bluetooth with System execut...

CWE-1252023

CVE-2023-20988

MEDIUM
CVSS:4.5(Medium)

In btm_read_rssi_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execu...

CWE-1252023

CVE-2023-20992

MEDIUM
CVSS:4.5(Medium)

In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System...

CWE-1252023