[ASB-A-174626251] Bluetooth security notice (VU#799380.7 TLP:AMBER)
Severity
High
Affected Packages
4
Fixed Packages
4
CVEs
1
In btm_sec_pin_code_request of btm_sec.cc, there is a possible bypass of Bluetooth pairing pin-code due to improperly used crypto. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Package | Affected Version |
---|---|
pkg:generic/android#platform/system/bt | >= 8.1:0, < 8.1:2021-06-05 |
pkg:generic/android#platform/system/bt | >= 9:0, < 9:2021-06-05 |
pkg:generic/android#platform/system/bt | >= 10:0, < 10:2021-06-05 |
pkg:generic/android#platform/system/bt | >= 11:0, < 11:2021-06-05 |
Package | Fixed Version |
---|---|
pkg:generic/android#platform/system/bt | = 8.1:2021-06-05 |
pkg:generic/android#platform/system/bt | = 9:2021-06-05 |
pkg:generic/android#platform/system/bt | = 10:2021-06-05 |
pkg:generic/android#platform/system/bt | = 11:2021-06-05 |
- ID
- ASB-A-174626251
- Severity
- high
- URL
- https://source.android.com/security/bulletin/2021-06-01
- Published
-
2021-06-01T00:00:00
(3 years ago) - Modified
-
2024-07-31T14:45:14
(6 weeks ago) - Rights
- Android Security Team
- Other Advisories
-
- ALSA-2024:4211
- ELSA-2024-12110
- ELSA-2024-12159
- ELSA-2024-2394
- ELSA-2024-4211
- FEDORA-2021-a35b44fd9f
- RHSA-2024:4211
- RHSA-2024:4352
- RLSA-2024:4211
- SUSE-SU-2024:0110-1
- SUSE-SU-2024:0112-1
- SUSE-SU-2024:0113-1
- SUSE-SU-2024:0115-1
- SUSE-SU-2024:0117-1
- SUSE-SU-2024:0118-1
- SUSE-SU-2024:0120-1
- SUSE-SU-2024:0129-1
- SUSE-SU-2024:0141-1
- SUSE-SU-2024:0153-1
- SUSE-SU-2024:0154-1
- SUSE-SU-2024:0156-1
- SUSE-SU-2024:0160-1
- USN-5343-1
- VU:799380
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:generic/android#platform/system/bt | android | = 8.1:2021-06-05 | ||||
Affected | pkg:generic/android#platform/system/bt | android | >= 8.1:0 < 8.1:2021-06-05 | ||||
Fixed | pkg:generic/android#platform/system/bt | android | = 9:2021-06-05 | ||||
Affected | pkg:generic/android#platform/system/bt | android | >= 9:0 < 9:2021-06-05 | ||||
Fixed | pkg:generic/android#platform/system/bt | android | = 10:2021-06-05 | ||||
Affected | pkg:generic/android#platform/system/bt | android | >= 10:0 < 10:2021-06-05 | ||||
Fixed | pkg:generic/android#platform/system/bt | android | = 11:2021-06-05 | ||||
Affected | pkg:generic/android#platform/system/bt | android | >= 11:0 < 11:2021-06-05 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |