{"id":"ASB-A-213519176", "published":"2022-05-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2022-20010", "A-213519176"], "details":"In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2022-05-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c"], "severity":"High", "spl":"2022-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"66384597321222302059653465565508107849", "length":15253}, "id":"ASB-A-213519176-10e763c0", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c", "target":{"file":"stack/l2cap/l2c_ble.cc", "function":"l2cble_process_sig_cmd"}}, {"deprecated":false, "digest":{"line_hashes":["93806745416747169019900065717920985461", "147032250423540864756636254208448098760", "262545177973303395066338178195281075998", "296716890037747899860041690233153801793"], "threshold":0.9}, "id":"ASB-A-213519176-333947e6", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c", "target":{"file":"stack/l2cap/l2c_ble.cc"}}]}}, {"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2022-05-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c"], "severity":"High", "spl":"2022-05-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"66384597321222302059653465565508107849", "length":15253}, "id":"ASB-A-213519176-8aaa36f4", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c", "target":{"file":"stack/l2cap/l2c_ble.cc", "function":"l2cble_process_sig_cmd"}}, {"deprecated":false, "digest":{"line_hashes":["93806745416747169019900065717920985461", "147032250423540864756636254208448098760", "262545177973303395066338178195281075998", "296716890037747899860041690233153801793"], "threshold":0.9}, "id":"ASB-A-213519176-b8e4f7c1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/ed4b512d2b3d45151b7f70e4c8c60b1a052a5d7c", "target":{"file":"stack/l2cap/l2c_ble.cc"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-05-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/bt/+/2dceafe75bda383e609910b3c882a155a32584af"}]}