{"id":"PUB-A-261857395", "published":"2023-06-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2023-21196", "A-261857395"], "details":"In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/modules/Bluetooth", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13-next:0"}, {"fixed":"13-next:2023-06-01"}]}], "versions":["13-next"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"], "severity":"Moderate", "spl":"2023-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["16276308536838048564391588226339405023", "314948712574164808921584153306691502403", "113754413290692655177263548935868418351", "132986881310027458669326471364970709590", "310858726269934895533229492769116261693", "102172718869360331833212396559600731618", "279415039534860672404687007059789050476", "131146324542424074192979982911708370719", "272008996873394428805330809523762299906", "23097328352997370459884919771444815053", "1056514552567377713410099963957207258", "210808304601870682230728949717801520707", "47061259919034927765025885382840062594", "40011571491480450110481739262622879286", "103908216389789488639376834295949441336", "269424099109402562172354619729860063141", "58139409375986743851710985028777972298", "148373393162882033973257156371622415117", "52672578180042948831948626064784968340", "40583038587652380039640689117943432468", "42654043377197860962981240438897896707", "178427242276170347809238043195937465563", "314286285522645166274438116751300110704", "14085346397466094487897505559215469942", "83946472440612095981748132393743154801", "22719246637737542001868175346762326255", "225746277784383360638876631265169815211", "202602873096280078119841019691178628415", "129845301900870639488307551200080716793", "240197643972712936190462010741701938194", "229036865155130366305770548188093406766", "280018579687411336514844752302229018378", "236137458355347890361215743344639874313", "327794514350218014445433929916315867216", "78564406537967353718264773274274478338", "94384269470022003985666208508997847952", "124322963261821670672685189337361041229", "39102702791275731539284395096602433815", "297063676588634458477586866891214892886", "280213876813813338804356004165804294579", "109412383185133777684554500299883890901", "199663428102754125596052461157338815312", "58983557586720109538434654743371121418", "160882060770664606581495109306316018989"], "threshold":0.9}, "id":"PUB-A-261857395-a383beae", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "target":{"file":"system/stack/btm/btm_ble_batchscan.cc"}}, {"deprecated":false, "digest":{"function_hash":"308852664891405002207167474436655693499", "length":2058}, "id":"PUB-A-261857395-b6b23856", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "target":{"file":"system/stack/btm/btm_ble_batchscan.cc", "function":"btm_ble_batchscan_filter_track_adv_vse_cback"}}]}}, {"package":{"name":"platform/packages/modules/Bluetooth", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2023-06-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"], "severity":"Moderate", "spl":"2023-06-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["16276308536838048564391588226339405023", "314948712574164808921584153306691502403", "113754413290692655177263548935868418351", "132986881310027458669326471364970709590", "310858726269934895533229492769116261693", "102172718869360331833212396559600731618", "279415039534860672404687007059789050476", "131146324542424074192979982911708370719", "272008996873394428805330809523762299906", "23097328352997370459884919771444815053", "1056514552567377713410099963957207258", "210808304601870682230728949717801520707", "47061259919034927765025885382840062594", "40011571491480450110481739262622879286", "103908216389789488639376834295949441336", "269424099109402562172354619729860063141", "58139409375986743851710985028777972298", "148373393162882033973257156371622415117", "52672578180042948831948626064784968340", "40583038587652380039640689117943432468", "42654043377197860962981240438897896707", "178427242276170347809238043195937465563", "314286285522645166274438116751300110704", "14085346397466094487897505559215469942", "83946472440612095981748132393743154801", "22719246637737542001868175346762326255", "225746277784383360638876631265169815211", "202602873096280078119841019691178628415", "129845301900870639488307551200080716793", "240197643972712936190462010741701938194", "229036865155130366305770548188093406766", "280018579687411336514844752302229018378", "236137458355347890361215743344639874313", "327794514350218014445433929916315867216", "78564406537967353718264773274274478338", "94384269470022003985666208508997847952", "124322963261821670672685189337361041229", "39102702791275731539284395096602433815", "297063676588634458477586866891214892886", "280213876813813338804356004165804294579", "109412383185133777684554500299883890901", "199663428102754125596052461157338815312", "58983557586720109538434654743371121418", "160882060770664606581495109306316018989"], "threshold":0.9}, "id":"PUB-A-261857395-5682af1d", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "target":{"file":"system/stack/btm/btm_ble_batchscan.cc"}}, {"deprecated":false, "digest":{"function_hash":"308852664891405002207167474436655693499", "length":2058}, "id":"PUB-A-261857395-6112b1ec", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16", "target":{"file":"system/stack/btm/btm_ble_batchscan.cc", "function":"btm_ble_batchscan_filter_track_adv_vse_cback"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2023-06-01"}]}