{"id":"ASB-A-169342531","details":"In sdp_server_handle_client_req of sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-169342531","CVE-2020-0463"],"modified":"2026-05-26T15:46:26.044149249Z","published":"2020-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2020-12-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.0:0"},{"fixed":"8.0:2020-12-01"}]}],"versions":["8.0"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"threshold":0.9,"line_hashes":["87685864126385691118721298356633827310","11621428868190782394354950434193695670","268678758175330329494886202073524614864","46825356829741404233291821332653897577","266117900808884762756126251357245747988","40511515926288100500412701195627018383","184549723743614675046908550020434931907","43792252858058655228097650551178236297","110321777404277445683310873406562646192","104264280191072247418886828780508044318","7355196314179985483720797385639882088","158586034936805583632489481069503631016","195975751366998031999502628347301239198"]},"signature_type":"Line","id":"ASB-A-169342531-59180ca9"},{"signature_version":"v1","deprecated":false,"target":{"function":"sdp_server_handle_client_req","file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"function_hash":"56637524515588004733390268479014796417","length":1211},"signature_type":"Function","id":"ASB-A-169342531-88f34b28"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"],"spl":"2020-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169342531.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2020-12-01"}]}],"versions":["8.1"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"threshold":0.9,"line_hashes":["87685864126385691118721298356633827310","11621428868190782394354950434193695670","268678758175330329494886202073524614864","46825356829741404233291821332653897577","266117900808884762756126251357245747988","40511515926288100500412701195627018383","184549723743614675046908550020434931907","43792252858058655228097650551178236297","110321777404277445683310873406562646192","104264280191072247418886828780508044318","7355196314179985483720797385639882088","158586034936805583632489481069503631016","195975751366998031999502628347301239198"]},"signature_type":"Line","id":"ASB-A-169342531-33898cbb"},{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc","function":"sdp_server_handle_client_req"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"function_hash":"56637524515588004733390268479014796417","length":1211},"id":"ASB-A-169342531-3c6f4812","signature_type":"Function"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"],"spl":"2020-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169342531.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2020-12-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"function":"sdp_server_handle_client_req","file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"function_hash":"56637524515588004733390268479014796417","length":1211},"signature_type":"Function","id":"ASB-A-169342531-56ca3830"},{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"threshold":0.9,"line_hashes":["87685864126385691118721298356633827310","11621428868190782394354950434193695670","268678758175330329494886202073524614864","46825356829741404233291821332653897577","266117900808884762756126251357245747988","40511515926288100500412701195627018383","184549723743614675046908550020434931907","43792252858058655228097650551178236297","110321777404277445683310873406562646192","104264280191072247418886828780508044318","7355196314179985483720797385639882088","158586034936805583632489481069503631016","195975751366998031999502628347301239198"]},"signature_type":"Line","id":"ASB-A-169342531-796ccb8c"}],"severity":"High","types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"],"spl":"2020-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169342531.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2020-12-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc","function":"sdp_server_handle_client_req"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"function_hash":"56637524515588004733390268479014796417","length":1211},"signature_type":"Function","id":"ASB-A-169342531-318f78d5"},{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"threshold":0.9,"line_hashes":["87685864126385691118721298356633827310","11621428868190782394354950434193695670","268678758175330329494886202073524614864","46825356829741404233291821332653897577","266117900808884762756126251357245747988","40511515926288100500412701195627018383","184549723743614675046908550020434931907","43792252858058655228097650551178236297","110321777404277445683310873406562646192","104264280191072247418886828780508044318","7355196314179985483720797385639882088","158586034936805583632489481069503631016","195975751366998031999502628347301239198"]},"id":"ASB-A-169342531-eb957e36","signature_type":"Line"}],"fixes":["https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"],"types":["ID"],"severity":"High","spl":"2020-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169342531.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2020-12-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc","function":"sdp_server_handle_client_req"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"function_hash":"56637524515588004733390268479014796417","length":1211},"signature_type":"Function","id":"ASB-A-169342531-10473549"},{"signature_version":"v1","deprecated":false,"target":{"file":"stack/sdp/sdp_server.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8","digest":{"threshold":0.9,"line_hashes":["87685864126385691118721298356633827310","11621428868190782394354950434193695670","268678758175330329494886202073524614864","46825356829741404233291821332653897577","266117900808884762756126251357245747988","40511515926288100500412701195627018383","184549723743614675046908550020434931907","43792252858058655228097650551178236297","110321777404277445683310873406562646192","104264280191072247418886828780508044318","7355196314179985483720797385639882088","158586034936805583632489481069503631016","195975751366998031999502628347301239198"]},"signature_type":"Line","id":"ASB-A-169342531-c0ed726f"}],"fixes":["https://android.googlesource.com/platform/system/bt/+/938a5cd87c38bf35d15ffa3414c3a74faecb8bf8"],"types":["ID"],"severity":"High","spl":"2020-12-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-169342531.json"}}],"schema_version":"1.7.5"}