{"id":"ASB-A-174182139", "published":"2021-06-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2021-0522", "A-174182139"], "details":"In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-06-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84"], "severity":"High", "spl":"2021-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["298198116241899993833217634389560504667", "287012202328669652311876090109824391990", "47879640589574822830942397260413806572", "201339308334320448245842070676463746924"], "threshold":0.9}, "id":"ASB-A-174182139-1641211b", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.cc"}}, {"deprecated":false, "digest":{"line_hashes":["194928598227912554565230997380017534726", "77556518358887016562119304689174807795", "86632212868385445720299860168464525261", "144826320422077285944620029434252398822"], "threshold":0.9}, "id":"ASB-A-174182139-247a05e1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.h"}}, {"deprecated":false, "digest":{"function_hash":"220432715238360302771225885058009308197", "length":3093}, "id":"ASB-A-174182139-57ecdda1", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.cc", "function":"ConnectionHandler::SdpCb"}}]}}, {"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-06-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84"], "severity":"High", "spl":"2021-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"220432715238360302771225885058009308197", "length":3093}, "id":"ASB-A-174182139-430a3310", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.cc", "function":"ConnectionHandler::SdpCb"}}, {"deprecated":false, "digest":{"line_hashes":["298198116241899993833217634389560504667", "287012202328669652311876090109824391990", "47879640589574822830942397260413806572", "201339308334320448245842070676463746924"], "threshold":0.9}, "id":"ASB-A-174182139-cef489d9", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.cc"}}, {"deprecated":false, "digest":{"line_hashes":["194928598227912554565230997380017534726", "77556518358887016562119304689174807795", "86632212868385445720299860168464525261", "144826320422077285944620029434252398822"], "threshold":0.9}, "id":"ASB-A-174182139-ef8ee825", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/5160c8d0bad685f7831d47e6048cfcb0998bbc84", "target":{"file":"profile/avrcp/connection_handler.h"}}]}}, {"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-06-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/71c573ae67b6a15c33ad1036b37b999c54d7236b"], "severity":"High", "spl":"2021-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["133622156672709236633488552820528861554", "316643902702355795794671798071459542726", "157089739734219949707838566518876663940", "296190649613492093493013584429836317712"], "threshold":0.9}, "id":"ASB-A-174182139-11481b95", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/71c573ae67b6a15c33ad1036b37b999c54d7236b", "target":{"file":"profile/avrcp/connection_handler.h"}}, {"deprecated":false, "digest":{"line_hashes":["298198116241899993833217634389560504667", "174298211505879605071222028669227333094", "77652035103966742432796253987282744798", "329842816619459239744471971419928151750"], "threshold":0.9}, "id":"ASB-A-174182139-6de589a4", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/71c573ae67b6a15c33ad1036b37b999c54d7236b", "target":{"file":"profile/avrcp/connection_handler.cc"}}, {"deprecated":false, "digest":{"function_hash":"291147108011544128857938207923043313668", "length":3282}, "id":"ASB-A-174182139-b55a2239", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/71c573ae67b6a15c33ad1036b37b999c54d7236b", "target":{"file":"profile/avrcp/connection_handler.cc", "function":"ConnectionHandler::SdpCb"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-06-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/bt/+/71c573ae67b6a15c33ad1036b37b999c54d7236b"}]}