漏洞标题
N/A
漏洞描述信息
在com_android_bluetooth_btservice_AdapterService.cpp中的pinReplyNative函数中,由于类型混淆可能导致 reads 超出范围。这可能会导致 BLE 权限的本地升级,而无需额外的执行权限。利用此漏洞无需用户交互。产品:Android版本:Android-10 Android-11 Android-12 Android-12L Android-13Android ID:A-228602963
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege of BLE with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228602963
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Google Android 安全漏洞
漏洞描述信息
Google Android是美国谷歌(Google)公司的一套以Linux为基础的开源操作系统。 Google Android 存在安全漏洞,攻击者利用该漏洞可以本地权限升级,无需额外的执行特权。
CVSS信息
N/A
漏洞类别
其他