{"id":"PUB-A-256165737", "published":"2023-06-01T00:00:00Z", "modified":"2026-04-29T15:10:00.007170452Z", "aliases":["CVE-2023-20981", "A-256165737"], "details":"In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/modules/Bluetooth", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-06-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a"], "severity":"Moderate", "spl":"2023-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"336582734661748564958037119141585034711", "length":4792}, "id":"PUB-A-256165737-39ad2d40", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a", "target":{"file":"system/stack/btu/btu_hcif.cc", "function":"btu_hcif_process_event"}}, {"deprecated":false, "digest":{"line_hashes":["122445623140582117476716815864619406966", "270237901051771015591452979276819797519", "301973965513952811863754946145588730064", "18063600987660727020396096173085053061", "79157904431448262747082275857495241374", "35387678221282559177479552950988699557", "329015732910744385759688024268818136589", "45449181739673993241176699503569153431", "181624077784582716377852058212826525708", "213992691007000150893341665815023272341", "65194841672755231150424500980152141629", "211238691417689538152163424776491854796", "262108294216214657050525185873324354416", "267083727085991318796826883174902489202"], "threshold":0.9}, "id":"PUB-A-256165737-b093188c", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a", "target":{"file":"system/stack/btu/btu_hcif.cc"}}, {"deprecated":false, "digest":{"function_hash":"176204503959658893950115173833424090215", "length":263}, "id":"PUB-A-256165737-b8b92809", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/72c35a1cde78249c1749300cf208298f745d225a", "target":{"file":"system/stack/btu/btu_hcif.cc", "function":"btu_ble_rc_param_req_evt"}}]}}, {"package":{"name":"platform/packages/modules/Bluetooth", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-06-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f"], "severity":"Moderate", "spl":"2023-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["122445623140582117476716815864619406966", "270237901051771015591452979276819797519", "301973965513952811863754946145588730064", "18063600987660727020396096173085053061", "79157904431448262747082275857495241374", "35387678221282559177479552950988699557", "329015732910744385759688024268818136589", "45449181739673993241176699503569153431", "181624077784582716377852058212826525708", "213992691007000150893341665815023272341", "65194841672755231150424500980152141629", "211238691417689538152163424776491854796", "262108294216214657050525185873324354416", "267083727085991318796826883174902489202"], "threshold":0.9}, "id":"PUB-A-256165737-679b28ff", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f", "target":{"file":"system/stack/btu/btu_hcif.cc"}}, {"deprecated":false, "digest":{"function_hash":"232227972830537180929657144775355121285", "length":4846}, "id":"PUB-A-256165737-7715a119", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f", "target":{"file":"system/stack/btu/btu_hcif.cc", "function":"btu_hcif_process_event"}}, {"deprecated":false, "digest":{"function_hash":"176204503959658893950115173833424090215", "length":263}, "id":"PUB-A-256165737-a596a194", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bdefb74e944c86b8665b6627b85818641bac92f", "target":{"file":"system/stack/btu/btu_hcif.cc", "function":"btu_ble_rc_param_req_evt"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-06-01"}]}