In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2020/Feb/10 | Mailing List Third Party Advisory |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en | Third Party Advisory |
https://source.android.com/security/bulletin/2020-02-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
Configuration 22 (hide)
AND |
|
History
02 Feb 2024, 13:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_30_5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_30_5g:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_30_pro_5g:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:p_smart_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:nova_3_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:p_smart_2019_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:y6_pro_2019_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:y6_2019_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_30_pro_5g_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:* cpe:2.3:o:huawei:honor_8a_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:huawei:mate_30_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:* cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:* |
|
CWE | CWE-682 | |
References | (MISC) http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html - Exploit, Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en - Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2020/Feb/10 - Mailing List, Third Party Advisory | |
First Time |
Huawei mate 20
Huawei mate 20 Pro Firmware Huawei p Smart Firmware Huawei mate 30 5g Firmware Huawei honor View 20 Firmware Huawei p Smart 2019 Firmware Huawei mate 20 X Huawei mate 30 5g Huawei nova Lite 3 Firmware Huawei mate 20 X Firmware Huawei p30 Pro Firmware Huawei nova Lite 3 Huawei mate 30 Firmware Huawei p Smart Huawei p30 Firmware Huawei nova 3 Huawei p20 Firmware Huawei y9 2019 Huawei honor 8a Firmware Huawei mate 30 Pro Firmware Huawei honor View 20 Huawei y9 2019 Firmware Huawei honor 8a Huawei p30 Pro Huawei mate 20 Firmware Huawei y6 2019 Huawei p Smart 2019 Huawei p20 Pro Huawei honor 8x Firmware Huawei mate 30 Huawei p30 Huawei mate 30 Pro 5g Firmware Huawei mate 30 Pro 5g Huawei honor 8x Huawei Huawei mate 30 Pro Huawei p20 Pro Firmware Huawei y6 Pro 2019 Huawei p20 Huawei nova 3 Firmware Huawei y6 Pro 2019 Firmware Huawei y6 2019 Firmware Huawei mate 20 Pro |
Information
Published : 2020-02-13 15:15
Updated : 2024-08-01 13:41
NVD link : CVE-2020-0022
Mitre link : CVE-2020-0022
CVE.ORG link : CVE-2020-0022
JSON object : View
Products Affected
huawei
- nova_lite_3
- honor_8x_firmware
- mate_20_x
- mate_30_pro
- p_smart_firmware
- p30
- mate_20_x_firmware
- p30_firmware
- nova_3
- p20_pro
- mate_30_pro_firmware
- y9_2019_firmware
- p_smart_2019
- mate_30_firmware
- y6_2019
- mate_20_firmware
- p_smart
- mate_30_pro_5g
- p_smart_2019_firmware
- p20
- y6_pro_2019
- mate_30_5g_firmware
- honor_8a_firmware
- y6_2019_firmware
- nova_3_firmware
- nova_lite_3_firmware
- mate_20_pro
- p20_pro_firmware
- y6_pro_2019_firmware
- honor_8a
- mate_20_pro_firmware
- p30_pro
- honor_view_20
- mate_30_pro_5g_firmware
- honor_view_20_firmware
- mate_20
- honor_8x
- y9_2019
- p30_pro_firmware
- mate_30_5g
- p20_firmware
- mate_30
- android
CWE
CWE-682
Incorrect Calculation