In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Configurations
No configuration.
History
21 Nov 2024, 08:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7d0f696f450241d8ba7a168ba14fa7b75032f0c9 - | |
References | () https://source.android.com/security/bulletin/2024-03-01 - |
27 Aug 2024, 18:35
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CWE | CWE-20 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
11 Mar 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-11 17:15
Updated : 2024-11-21 08:45
NVD link : CVE-2024-0045
Mitre link : CVE-2024-0045
CVE.ORG link : CVE-2024-0045
JSON object : View
Products Affected
No product.
CWE
CWE-20
Improper Input Validation