{"id":"ASB-A-174150451","details":"In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-174150451","CVE-2021-0435"],"modified":"2026-04-28T15:17:37.552933Z","published":"2021-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2021-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/026f04c83281557a0d24df0bd19d72c74cdc320e"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"8.1:0"},{"fixed":"8.1:2021-04-01"}]}],"versions":["8.1"],"ecosystem_specific":{"vanir_signatures":[{"signature_type":"Line","id":"ASB-A-174150451-74215a8a","digest":{"line_hashes":["234731378143251965468061532815581472551","167774733209960506572467443926203491903","47802622381427373253647455478457623346","48330210889850056886396232568450657951"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9","target":{"file":"stack/avrc/avrc_bld_tg.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-7a9d3afa","digest":{"line_hashes":["25826080849010929453199241606739219817","102699952416098053887376505143307429909","143806720553538244026322564558936295054","164986021732157641338903864090109453599","301897657201426727004466536346062316563","235051942682550393409806500189940635228","335461943414066905902007995014316866781","17672392233449697628085473547180750898","283758634364552150370415211695472900701","328828160620845234744149755929506441462","2473565245579495761465996430830724257","237534467320708155262103903879152969563","92281194400390846616166060402022375024","273786359158106482533735481861079682424","2473565245579495761465996430830724257"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9","target":{"file":"stack/avrc/avrc_opt.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-9c01d0da","digest":{"line_hashes":["212232968038250104482858979702624275750","287953352903989519456069944207679403882","14845834421420998534332396403871764925","86765202564817590807824327682356097034","8506577065875201243658029685407892248","153830244189308337431089565302096752200","73574399449172278035838437690423107102","63857392560911243568061870531660418492","96243532706110030824140961784393634458","229509219505541565945915529457539584181","319773369222130466408546408420315488895","147819627739377103061854328410232522877"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9","target":{"file":"stack/avrc/avrc_pars_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-9e02d8c6","digest":{"line_hashes":["192017400156636417478041847225283769262","204933172455221844431769346722526320436","128025510019479700929535966870254602330","106559417459498412872629760774672706722"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9","target":{"file":"stack/avrc/avrc_bld_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-ba34beb7","digest":{"line_hashes":["281586568184723237172444381729300620204","306697745755003438563806121171698237921","246586741718193978242302054708553414208","26712992996311895937855388050883467232","54956135029244385601389859387513915205","271920638373074614745749988322912009199","38460664457821042895159081114458950003","115501079431548383753885003523860011552","260753540820306009469377490923685320691","200185611935206458241668081075162626223","212032984932251426289010321427003686672","85944363988905834904253026670568579462","108257629627401211972918736109316858296","216950027845380205798371590433193650133","259995555082482069524698370838857702055","205609846645742308176480653515058253116","114168609634170520250270269816526217257","204378047892081571998556994878344192203","289073611432386177713347243982592391836","43529288571653165473129009061182640404"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9","target":{"file":"stack/avrc/avrc_api.cc"},"signature_version":"v1","deprecated":false}],"severity":"High","types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/system/bt/+/8d461a866a12cd3d7d6d68551a5d2a7139fab2b9"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"9:0"},{"fixed":"9:2021-04-01"}]}],"versions":["9"],"ecosystem_specific":{"vanir_signatures":[{"signature_type":"Line","id":"ASB-A-174150451-0ccf6ce1","digest":{"line_hashes":["234731378143251965468061532815581472551","167774733209960506572467443926203491903","47802622381427373253647455478457623346","48330210889850056886396232568450657951"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_tg.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-269a6c55","digest":{"line_hashes":["192017400156636417478041847225283769262","204933172455221844431769346722526320436","128025510019479700929535966870254602330","106559417459498412872629760774672706722"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-43571dba","digest":{"line_hashes":["281586568184723237172444381729300620204","306697745755003438563806121171698237921","246586741718193978242302054708553414208","26712992996311895937855388050883467232","54956135029244385601389859387513915205","271920638373074614745749988322912009199","38460664457821042895159081114458950003","115501079431548383753885003523860011552","260753540820306009469377490923685320691","200185611935206458241668081075162626223","212032984932251426289010321427003686672","85944363988905834904253026670568579462","108257629627401211972918736109316858296","216950027845380205798371590433193650133","259995555082482069524698370838857702055","205609846645742308176480653515058253116","114168609634170520250270269816526217257","204378047892081571998556994878344192203","289073611432386177713347243982592391836","43529288571653165473129009061182640404"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_api.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-767f098f","digest":{"line_hashes":["195777170528215756133034883432980774837","82158292724028221019740140516383577821","29249664797217387640288612680381725591","51246449051180649641476430904217421430","17672392233449697628085473547180750898","283758634364552150370415211695472900701","328828160620845234744149755929506441462","2473565245579495761465996430830724257","237534467320708155262103903879152969563","92281194400390846616166060402022375024","273786359158106482533735481861079682424","2473565245579495761465996430830724257"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_opt.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-efeddce6","digest":{"line_hashes":["212232968038250104482858979702624275750","287953352903989519456069944207679403882","14845834421420998534332396403871764925","86765202564817590807824327682356097034","8506577065875201243658029685407892248","153830244189308337431089565302096752200","73574399449172278035838437690423107102","63857392560911243568061870531660418492","96243532706110030824140961784393634458","229509219505541565945915529457539584181","319773369222130466408546408420315488895","147819627739377103061854328410232522877"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_pars_ct.cc"},"signature_version":"v1","deprecated":false}],"severity":"High","types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2021-04-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"signature_type":"Line","id":"ASB-A-174150451-14462885","digest":{"line_hashes":["212232968038250104482858979702624275750","287953352903989519456069944207679403882","14845834421420998534332396403871764925","86765202564817590807824327682356097034","8506577065875201243658029685407892248","153830244189308337431089565302096752200","73574399449172278035838437690423107102","63857392560911243568061870531660418492","96243532706110030824140961784393634458","229509219505541565945915529457539584181","319773369222130466408546408420315488895","147819627739377103061854328410232522877"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_pars_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-3f734440","digest":{"line_hashes":["234731378143251965468061532815581472551","167774733209960506572467443926203491903","47802622381427373253647455478457623346","48330210889850056886396232568450657951"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_tg.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-423e07a0","digest":{"line_hashes":["281586568184723237172444381729300620204","306697745755003438563806121171698237921","246586741718193978242302054708553414208","26712992996311895937855388050883467232","54956135029244385601389859387513915205","271920638373074614745749988322912009199","38460664457821042895159081114458950003","115501079431548383753885003523860011552","260753540820306009469377490923685320691","200185611935206458241668081075162626223","212032984932251426289010321427003686672","85944363988905834904253026670568579462","108257629627401211972918736109316858296","216950027845380205798371590433193650133","259995555082482069524698370838857702055","205609846645742308176480653515058253116","114168609634170520250270269816526217257","204378047892081571998556994878344192203","289073611432386177713347243982592391836","43529288571653165473129009061182640404"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_api.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-6b451b30","digest":{"line_hashes":["195777170528215756133034883432980774837","82158292724028221019740140516383577821","29249664797217387640288612680381725591","51246449051180649641476430904217421430","17672392233449697628085473547180750898","283758634364552150370415211695472900701","328828160620845234744149755929506441462","2473565245579495761465996430830724257","237534467320708155262103903879152969563","92281194400390846616166060402022375024","273786359158106482533735481861079682424","2473565245579495761465996430830724257"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_opt.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-d141a8aa","digest":{"line_hashes":["192017400156636417478041847225283769262","204933172455221844431769346722526320436","128025510019479700929535966870254602330","106559417459498412872629760774672706722"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_ct.cc"},"signature_version":"v1","deprecated":false}],"severity":"High","types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2021-04-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"signature_type":"Line","id":"ASB-A-174150451-03cf303e","digest":{"line_hashes":["212232968038250104482858979702624275750","287953352903989519456069944207679403882","14845834421420998534332396403871764925","86765202564817590807824327682356097034","8506577065875201243658029685407892248","153830244189308337431089565302096752200","73574399449172278035838437690423107102","63857392560911243568061870531660418492","96243532706110030824140961784393634458","229509219505541565945915529457539584181","319773369222130466408546408420315488895","147819627739377103061854328410232522877"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_pars_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-29ec9366","digest":{"line_hashes":["192017400156636417478041847225283769262","204933172455221844431769346722526320436","128025510019479700929535966870254602330","106559417459498412872629760774672706722"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_ct.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-a2686563","digest":{"line_hashes":["195777170528215756133034883432980774837","82158292724028221019740140516383577821","29249664797217387640288612680381725591","51246449051180649641476430904217421430","17672392233449697628085473547180750898","283758634364552150370415211695472900701","328828160620845234744149755929506441462","2473565245579495761465996430830724257","237534467320708155262103903879152969563","92281194400390846616166060402022375024","273786359158106482533735481861079682424","2473565245579495761465996430830724257"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_opt.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-a6802041","digest":{"line_hashes":["281586568184723237172444381729300620204","306697745755003438563806121171698237921","246586741718193978242302054708553414208","26712992996311895937855388050883467232","54956135029244385601389859387513915205","271920638373074614745749988322912009199","38460664457821042895159081114458950003","115501079431548383753885003523860011552","260753540820306009469377490923685320691","200185611935206458241668081075162626223","212032984932251426289010321427003686672","85944363988905834904253026670568579462","108257629627401211972918736109316858296","216950027845380205798371590433193650133","259995555082482069524698370838857702055","205609846645742308176480653515058253116","114168609634170520250270269816526217257","204378047892081571998556994878344192203","289073611432386177713347243982592391836","43529288571653165473129009061182640404"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_api.cc"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","id":"ASB-A-174150451-d672039e","digest":{"line_hashes":["234731378143251965468061532815581472551","167774733209960506572467443926203491903","47802622381427373253647455478457623346","48330210889850056886396232568450657951"],"threshold":0.9},"source":"https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c","target":{"file":"stack/avrc/avrc_bld_tg.cc"},"signature_version":"v1","deprecated":false}],"severity":"High","types":["ID"],"spl":"2021-04-01","fixes":["https://android.googlesource.com/platform/system/bt/+/41584e84a3288d4dc9770773fa3db81df209ae4c"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-174150451.json"}}],"schema_version":"1.7.5"}