[ASB-A-174626251] Bluetooth security notice (VU#799380.7 TLP:AMBER)
Severity
High
Affected Packages
4
Fixed Packages
4
CVEs
1
In btm_sec_pin_code_request of btm_sec.cc, there is a possible bypass of Bluetooth pairing pin-code due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
| Package | Affected Version |
|---|---|
 pkg:generic/android#platform/system/bt
|
>= 8.1:0, < 8.1:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
>= 9:0, < 9:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
>= 10:0, < 10:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
>= 11:0, < 11:2021-06-05 |
| Package | Fixed Version |
|---|---|
|
pkg:generic/android#platform/system/bt
|
= 8.1:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
= 9:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
= 10:2021-06-05 |
|
pkg:generic/android#platform/system/bt
|
= 11:2021-06-05 |
- ID
- ASB-A-174626251
- Severity
- high
- URL
- https://source.android.com/security/bulletin/2021-06-01
- Published
-
2021-06-01T00:00:00
(3 years ago) - Modified
-
2024-07-31T14:45:14
(6 weeks ago) - Rights
- Android Security Team
- Other Advisories
-
-
ALSA-2024:4211
-
ELSA-2024-12110
-
ELSA-2024-12159
-
ELSA-2024-2394
-
ELSA-2024-4211
-
FEDORA-2021-a35b44fd9f
-
RHSA-2024:4211
-
RHSA-2024:4352
-
RLSA-2024:4211
-
SUSE-SU-2024:0110-1
-
SUSE-SU-2024:0112-1
-
SUSE-SU-2024:0113-1
-
SUSE-SU-2024:0115-1
-
SUSE-SU-2024:0117-1
-
SUSE-SU-2024:0118-1
-
SUSE-SU-2024:0120-1
-
SUSE-SU-2024:0129-1
-
SUSE-SU-2024:0141-1
-
SUSE-SU-2024:0153-1
-
SUSE-SU-2024:0154-1
-
SUSE-SU-2024:0156-1
-
SUSE-SU-2024:0160-1
-
USN-5343-1
-
VU:799380
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Fixed | pkg:generic/android#platform/system/bt | android | = 8.1:2021-06-05 | ||||
| Affected | pkg:generic/android#platform/system/bt | android | >= 8.1:0 < 8.1:2021-06-05 | ||||
| Fixed | pkg:generic/android#platform/system/bt | android | = 9:2021-06-05 | ||||
| Affected | pkg:generic/android#platform/system/bt | android | >= 9:0 < 9:2021-06-05 | ||||
| Fixed | pkg:generic/android#platform/system/bt | android | = 10:2021-06-05 | ||||
| Affected | pkg:generic/android#platform/system/bt | android | >= 10:0 < 10:2021-06-05 | ||||
| Fixed | pkg:generic/android#platform/system/bt | android | = 11:2021-06-05 | ||||
| Affected | pkg:generic/android#platform/system/bt | android | >= 11:0 < 11:2021-06-05 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |