CVE-2022-20010

Summary

In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213519176

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-12 Android-12Laffected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References