{"id":"ASB-A-195410559","details":"In bta_dm_remove_device of bta_dm_act.cc, there is a possible way for a BT device to receive a long term trackable identifier due to a permissions bypass. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-195410559","CVE-2021-39673"],"modified":"2026-05-27T15:53:17.428190120Z","published":"2022-10-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-10-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8f848255dea47710275f1eac7c4e635b1f5faa0b"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/90d2a6a82b35e32f70938112125a202a7f37964b"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2022-10-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","spl":"2022-10-01","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3baf1d6fa2b80197fcc278d1d29c6074065e2442"],"vanir_signatures":[{"signature_version":"v1","target":{"file":"system/stack/btm/btm_ble.cc","function":"BTM_SecAddBleDevice"},"exact_target_file_match_only":true,"signature_type":"Function","id":"ASB-A-195410559-07219777","digest":{"function_hash":"204128558517839783709342432677193717800","length":1391},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/main/shim/btm_api.cc"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-0a0872ac","digest":{"line_hashes":["199206825782937533551232365465509237488","162245554832253266569229758359919054331","280030943942912715544861231547488220574","155255626714929324460461619589788156528","264401400468715934409769089728700952309"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_type":"Line","signature_version":"v1","id":"ASB-A-195410559-37e74eb6","source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3baf1d6fa2b80197fcc278d1d29c6074065e2442","digest":{"line_hashes":["260936490031339040683130593933517257275","142743158119496288073265439736713886406","188589391039302863625916775189577302274","155463368691050041105339485083081990294","229160748354944167482380962272175182743","162657397244421107928627160758940443039","257697859005223496457159838491246062530","162486628185525773140348330155282810004","317497588349573823019090169373617671224","197678382699566474924671531412288140688"],"threshold":0.9},"target":{"file":"system/gd/hci/le_address_manager.cc"},"deprecated":false},{"signature_version":"v1","target":{"file":"system/btif/src/btif_storage.cc","function":"btif_storage_remove_bonded_device"},"exact_target_file_match_only":true,"signature_type":"Function","id":"ASB-A-195410559-431d4820","digest":{"function_hash":"332927922331889009813032357513302530237","length":1006},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/main/shim/btm_api.h"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-566d4af0","digest":{"line_hashes":["283215450931985692815317944119360594934","98561674356244519414908117415864229665","196466217318339078374083905982701418165"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/bta/include/bta_api.h"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-6910fcef","digest":{"line_hashes":["212104014143301240330176764803906409125"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/stack/btm/btm_ble.cc"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-84a1216e","digest":{"line_hashes":["217706887452652472909775799195184585659","7413942047572543896195629930365817592","143537988801541637952581949278506558881","323341362230084706548388200360759367615","261618727826124143324747606791276122809","339386986367096452091942807039990993199","208763730366055677015352948191630266856","163781212640301891480969981281341344157","290682634017117684825497209117873732275","115531431836093978842194200567957948577","115851880353199921188587569505730705468","52585866118260948952531862372656901954","160798343641663998493326803533422203730","154500535300184373852153271987818294151","263326579416680049729673121835394243727"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/btif/src/btif_storage.cc"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-86c5c50e","digest":{"line_hashes":["209944026445026882928906945429570963289","119452501415360073250969970596661204495","201134992658573217646305852494410693434","307256859096279817457550280125541939729","261076564696789657766348420242188411860","207121853597581238286813107587853561282","226363678236170877304258953624902987949","12839450872721808140407113564531235048"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_type":"Function","signature_version":"v1","id":"ASB-A-195410559-8d715306","digest":{"function_hash":"308825382279477027343673241009001519043","length":2110},"target":{"file":"system/gd/hci/le_address_manager.cc","function":"LeAddressManager::SetPrivacyPolicyForInitiatorAddress"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/3baf1d6fa2b80197fcc278d1d29c6074065e2442","deprecated":false},{"signature_version":"v1","target":{"file":"system/bta/dm/bta_dm_int.h"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-badf92db","digest":{"line_hashes":["103695966746884301387509814432171521491","138848410630616513536117343280635902826","163233651498112236928217491260275814154"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/bta/dm/bta_dm_act.cc"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-ca1a4a60","digest":{"line_hashes":["266840716145634852173576008353515407843","198209986249736171376744745771636965591","61027019719815398523533801771240725545","15838550506692246751299107070564602772","136286208237603093245537361731500968722","68697064061280841865148834094333747637","270150413080094228112759586897907511981","145305823701625950690334138576431346288","338828588760667391774491374865979683125","102610417065177397422584866016522791825","59977367531333076293400756494798240797"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/stack/btm/btm_ble.cc","function":"btm_ble_reset_id_impl"},"exact_target_file_match_only":true,"signature_type":"Function","id":"ASB-A-195410559-ca42779c","source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","digest":{"function_hash":"164192346293583884789519873400759218869","length":611},"deprecated":false},{"signature_version":"v1","target":{"file":"system/gd/hci/le_address_manager.cc"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-ce709d53","source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","digest":{"line_hashes":["322565623498743490708868610314787224027","36794438819106040518089597001241498838","85546890152735325090817608062361500791","128836914221072246986567779208890253401"],"threshold":0.9},"deprecated":false},{"signature_version":"v1","target":{"file":"system/bta/dm/bta_dm_act.cc","function":"bta_dm_remove_device"},"exact_target_file_match_only":true,"signature_type":"Function","id":"ASB-A-195410559-d3edd033","digest":{"function_hash":"53644348137777810034779084800532630437","length":1470},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/test/mock/mock_bta_dm_act.h"},"exact_target_file_match_only":true,"signature_type":"Line","id":"ASB-A-195410559-ebbb1e3f","digest":{"line_hashes":["131718699226223782084585985844258401753","81920284495245439270987233131687053428","180825386225943766978298971936126813276"],"threshold":0.9},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false},{"signature_version":"v1","target":{"file":"system/gd/hci/le_address_manager.cc","function":"LeAddressManager::SetPrivacyPolicyForInitiatorAddress"},"exact_target_file_match_only":true,"signature_type":"Function","id":"ASB-A-195410559-ebeba30e","digest":{"function_hash":"155691105060646540724183956370465455491","length":1886},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f4aa35adf8ed2e06a3d1273c18d3a3561644e0a4","deprecated":false}],"types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-195410559.json"}}],"schema_version":"1.7.5"}