{"id":"ASB-A-158854097","details":"In smp_key_distribution of smp_act.cc, there are possible vulnerabilities in Cross-Transport Key Derivation due to weaknesses in the Bluetooth standard. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-158854097","CVE-2020-15802"],"modified":"2026-05-01T15:24:27.653932Z","published":"2020-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2020-12-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.0:0"},{"fixed":"8.0:2020-12-01"}]}],"versions":["8.0"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-158854097-bdc605f3","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"function":"smp_key_distribution","file":"stack/smp/smp_act.cc"},"signature_type":"Function","digest":{"length":857,"function_hash":"149862376871960881486779178792629586467"}},{"id":"ASB-A-158854097-cc6c628a","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"file":"stack/smp/smp_act.cc"},"signature_type":"Line","digest":{"line_hashes":["141878859893653509495119353880378886755","281662226058294302639865591136081592204","324547289574088968005916732676261905036","90478598410599379139713230843119446223"],"threshold":0.9}}],"fixes":["https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"],"severity":"High","spl":"2020-12-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158854097.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2020-12-01"}]}],"versions":["8.1"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-158854097-31edadb6","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"file":"stack/smp/smp_act.cc"},"signature_type":"Line","digest":{"line_hashes":["141878859893653509495119353880378886755","281662226058294302639865591136081592204","324547289574088968005916732676261905036","90478598410599379139713230843119446223"],"threshold":0.9}},{"id":"ASB-A-158854097-9b781dab","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"function":"smp_key_distribution","file":"stack/smp/smp_act.cc"},"signature_type":"Function","digest":{"length":857,"function_hash":"149862376871960881486779178792629586467"}}],"fixes":["https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"],"severity":"High","spl":"2020-12-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158854097.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2020-12-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-158854097-c3fcbe6d","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"file":"stack/smp/smp_act.cc"},"signature_type":"Line","digest":{"line_hashes":["141878859893653509495119353880378886755","281662226058294302639865591136081592204","324547289574088968005916732676261905036","90478598410599379139713230843119446223"],"threshold":0.9}},{"id":"ASB-A-158854097-cdc15383","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"function":"smp_key_distribution","file":"stack/smp/smp_act.cc"},"signature_type":"Function","digest":{"length":857,"function_hash":"149862376871960881486779178792629586467"}}],"fixes":["https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"],"severity":"High","spl":"2020-12-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158854097.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2020-12-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-158854097-7faeda4b","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"file":"stack/smp/smp_act.cc"},"signature_type":"Line","digest":{"line_hashes":["141878859893653509495119353880378886755","281662226058294302639865591136081592204","324547289574088968005916732676261905036","90478598410599379139713230843119446223"],"threshold":0.9}},{"id":"ASB-A-158854097-bba39f70","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"function":"smp_key_distribution","file":"stack/smp/smp_act.cc"},"signature_type":"Function","digest":{"length":857,"function_hash":"149862376871960881486779178792629586467"}}],"fixes":["https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"],"severity":"High","spl":"2020-12-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158854097.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2020-12-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"id":"ASB-A-158854097-548bddb2","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"function":"smp_key_distribution","file":"stack/smp/smp_act.cc"},"signature_type":"Function","digest":{"length":857,"function_hash":"149862376871960881486779178792629586467"}},{"id":"ASB-A-158854097-fd9686a4","source":"https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e","signature_version":"v1","deprecated":false,"target":{"file":"stack/smp/smp_act.cc"},"signature_type":"Line","digest":{"line_hashes":["141878859893653509495119353880378886755","281662226058294302639865591136081592204","324547289574088968005916732676261905036","90478598410599379139713230843119446223"],"threshold":0.9}}],"fixes":["https://android.googlesource.com/platform/system/bt/+/775a5e72b34b70ff92d61d8bcc47c6bde663f02e"],"severity":"High","spl":"2020-12-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-158854097.json"}}],"schema_version":"1.7.5"}