{"id":"ASB-A-174149901","details":"In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-174149901","CVE-2021-0431"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2021-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/20305ba196a82d003811bbdf51fb978cd8315ba8"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2021-04-01"}]}],"versions":["8.1"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"],"types":["ID"],"spl":"2021-04-01","severity":"High","vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["25691793736011755144675238646456011203","213051613258159687891157273033913211463","199865173318442732021864401992381161092","181915817969334015180679003080769794327"],"threshold":0.9},"deprecated":false,"target":{"file":"stack/avrc/avrc_api.cc"},"id":"ASB-A-174149901-64fa8f9c","source":"https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174149901.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-04-01"}]}],"versions":["9"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"],"types":["ID"],"spl":"2021-04-01","severity":"High","vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["25691793736011755144675238646456011203","213051613258159687891157273033913211463","199865173318442732021864401992381161092","181915817969334015180679003080769794327"],"threshold":0.9},"deprecated":false,"target":{"file":"stack/avrc/avrc_api.cc"},"id":"ASB-A-174149901-549da8fa","source":"https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174149901.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-04-01"}]}],"versions":["10"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"],"types":["ID"],"spl":"2021-04-01","severity":"High","vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["25691793736011755144675238646456011203","213051613258159687891157273033913211463","199865173318442732021864401992381161092","181915817969334015180679003080769794327"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034","deprecated":false,"id":"ASB-A-174149901-20a3c35f","target":{"file":"stack/avrc/avrc_api.cc"}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174149901.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-04-01"}]}],"versions":["11"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034"],"types":["ID"],"spl":"2021-04-01","severity":"High","vanir_signatures":[{"signature_type":"Line","signature_version":"v1","digest":{"line_hashes":["25691793736011755144675238646456011203","213051613258159687891157273033913211463","199865173318442732021864401992381161092","181915817969334015180679003080769794327"],"threshold":0.9},"target":{"file":"stack/avrc/avrc_api.cc"},"source":"https://android.googlesource.com/platform/system/bt/+/0f447e4fffc45b10d29e1cfcc2eb66067abaf034","id":"ASB-A-174149901-a14946a2","deprecated":false}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174149901.json"}}],"schema_version":"1.7.5"}