{"id":"ASB-A-220732646", "published":"2022-07-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2022-20224", "A-220732646"], "details":"In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2022-07-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/4ce5a3c374fb5d24f367a202a6a3dcab4ba4dffd"], "severity":"High", "spl":"2022-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["205516247379723093190107529820985818835", "284698599951166404841017736866893809950", "23181201197599775582528491043066744012", "327095647922658433065392263037062196298", "129786613184741619539432120699389574637"], "threshold":0.9}, "id":"ASB-A-220732646-f20bc708", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/4ce5a3c374fb5d24f367a202a6a3dcab4ba4dffd", "target":{"file":"bta/hf_client/bta_hf_client_at.cc"}}]}}, {"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2022-07-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/863a0f417f6358892783860e08bf093d027764cf"], "severity":"High", "spl":"2022-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["205516247379723093190107529820985818835", "284698599951166404841017736866893809950", "23181201197599775582528491043066744012", "327095647922658433065392263037062196298", "129786613184741619539432120699389574637"], "threshold":0.9}, "id":"ASB-A-220732646-661c8e23", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/863a0f417f6358892783860e08bf093d027764cf", "target":{"file":"bta/hf_client/bta_hf_client_at.cc"}}]}}, {"package":{"name":"platform/system/bt", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2022-07-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/45d32366dc9770e41ca2110537fef076f98a4c5a"], "severity":"High", "spl":"2022-07-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["205516247379723093190107529820985818835", "284698599951166404841017736866893809950", "23181201197599775582528491043066744012", "327095647922658433065392263037062196298", "129786613184741619539432120699389574637"], "threshold":0.9}, "id":"ASB-A-220732646-46e3b7e1", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/system/bt/+/45d32366dc9770e41ca2110537fef076f98a4c5a", "target":{"file":"bta/hf_client/bta_hf_client_at.cc"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-07-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/system/bt/+/7c21b56b7880579965e95cf24c2ab49326a3f2b9"}]}