{"id":"ASB-A-174052148","details":"In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-174052148","CVE-2021-0397"],"modified":"2026-05-01T15:24:27.653932Z","published":"2021-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/437adc1a143f22fd7792d033d1ff64a364888f44"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2021-03-01"}]}],"versions":["8.1"],"ecosystem_specific":{"severity":"Critical","spl":"2021-03-01","fixes":["https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e"],"types":["RCE"],"vanir_signatures":[{"signature_type":"Function","deprecated":false,"signature_version":"v1","digest":{"length":1567,"function_hash":"226686015420630971083399221244405337653"},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-355c0420","target":{"file":"bta/ag/bta_ag_sdp.cc","function":"bta_ag_do_disc"}},{"signature_type":"Line","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["217178944041883988427998995336572607779","268620471652406614036610575577336396100","195065986137907670458925705109645393804","316120188592456273022294446303766069277","196166543744440592454744695116625660291","296185697512847952591049413753396635607","78880808084593515505501064767592671743"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-67c43063","target":{"file":"bta/ag/bta_ag_sdp.cc"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174052148.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-03-01"}]}],"versions":["9"],"ecosystem_specific":{"severity":"Critical","spl":"2021-03-01","fixes":["https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e"],"types":["RCE"],"vanir_signatures":[{"signature_type":"Line","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["217178944041883988427998995336572607779","268620471652406614036610575577336396100","195065986137907670458925705109645393804","316120188592456273022294446303766069277","196166543744440592454744695116625660291","296185697512847952591049413753396635607","78880808084593515505501064767592671743"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-09d29643","target":{"file":"bta/ag/bta_ag_sdp.cc"}},{"signature_type":"Function","deprecated":false,"signature_version":"v1","digest":{"length":1567,"function_hash":"226686015420630971083399221244405337653"},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-cdbb04e8","target":{"file":"bta/ag/bta_ag_sdp.cc","function":"bta_ag_do_disc"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174052148.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-03-01"}]}],"versions":["10"],"ecosystem_specific":{"severity":"Critical","spl":"2021-03-01","fixes":["https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e"],"types":["RCE"],"vanir_signatures":[{"signature_type":"Function","deprecated":false,"signature_version":"v1","digest":{"length":1567,"function_hash":"226686015420630971083399221244405337653"},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-0f6751e5","target":{"file":"bta/ag/bta_ag_sdp.cc","function":"bta_ag_do_disc"}},{"signature_type":"Line","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["217178944041883988427998995336572607779","268620471652406614036610575577336396100","195065986137907670458925705109645393804","316120188592456273022294446303766069277","196166543744440592454744695116625660291","296185697512847952591049413753396635607","78880808084593515505501064767592671743"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-682c0a64","target":{"file":"bta/ag/bta_ag_sdp.cc"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174052148.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-03-01"}]}],"versions":["11"],"ecosystem_specific":{"severity":"Critical","spl":"2021-03-01","fixes":["https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e"],"types":["RCE"],"vanir_signatures":[{"signature_type":"Function","deprecated":false,"signature_version":"v1","digest":{"length":1567,"function_hash":"226686015420630971083399221244405337653"},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-5850ecb8","target":{"file":"bta/ag/bta_ag_sdp.cc","function":"bta_ag_do_disc"}},{"signature_type":"Line","deprecated":false,"signature_version":"v1","digest":{"line_hashes":["217178944041883988427998995336572607779","268620471652406614036610575577336396100","195065986137907670458925705109645393804","316120188592456273022294446303766069277","196166543744440592454744695116625660291","296185697512847952591049413753396635607","78880808084593515505501064767592671743"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/f0994f6e4723eddaa617b68139f064d945d9389e","id":"ASB-A-174052148-5f778341","target":{"file":"bta/ag/bta_ag_sdp.cc"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174052148.json"}}],"schema_version":"1.7.5"}