{"id":"ASB-A-205837191","details":"In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-205837191","CVE-2021-39809"],"modified":"2026-04-23T15:15:38.048727Z","published":"2022-04-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-04-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/system/bt/+/2ed08261136fe59edd04af2b186bf0413aea108f"}],"affected":[{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-04-01"}]}],"versions":["10"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"length":9628,"function_hash":"319651516668962894590181023466453332408"},"target":{"file":"stack/avrc/avrc_pars_ct.cc","function":"avrc_ctrl_pars_vendor_rsp"},"id":"ASB-A-205837191-f31d804f","source":"https://android.googlesource.com/platform/system/bt/+/60a5d2f63bf95ed386a2ca6c43f1d88bb1d07003","deprecated":false,"signature_type":"Function"},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["126531734830726706182000043194539249710","256706972683182017187154811137971735615","204224096683427787020558414296551095040","73695717925146718806022098129223179923","195772247844676084104910404009672863877","241316484337888477610855757329965559121","138384799275033111561682559487233671540","316239567280759976705623607376100734909"]},"target":{"file":"stack/avrc/avrc_pars_ct.cc"},"id":"ASB-A-205837191-f9833528","source":"https://android.googlesource.com/platform/system/bt/+/60a5d2f63bf95ed386a2ca6c43f1d88bb1d07003","deprecated":false,"signature_type":"Line"}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/60a5d2f63bf95ed386a2ca6c43f1d88bb1d07003"],"spl":"2022-04-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-205837191.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2022-04-01"}]}],"versions":["11"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"length":9633,"function_hash":"283740768337728123466433817770873920856"},"target":{"file":"stack/avrc/avrc_pars_ct.cc","function":"avrc_ctrl_pars_vendor_rsp"},"id":"ASB-A-205837191-2b54002b","source":"https://android.googlesource.com/platform/system/bt/+/697942b47f92b173e1cd87bb404e2386db958630","deprecated":false,"signature_type":"Function"},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["126531734830726706182000043194539249710","256706972683182017187154811137971735615","204224096683427787020558414296551095040","73695717925146718806022098129223179923","195772247844676084104910404009672863877","241316484337888477610855757329965559121","138384799275033111561682559487233671540","316239567280759976705623607376100734909"]},"target":{"file":"stack/avrc/avrc_pars_ct.cc"},"id":"ASB-A-205837191-ac7ad33f","source":"https://android.googlesource.com/platform/system/bt/+/697942b47f92b173e1cd87bb404e2386db958630","deprecated":false,"signature_type":"Line"}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/697942b47f92b173e1cd87bb404e2386db958630"],"spl":"2022-04-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-205837191.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-04-01"}]}],"versions":["12"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"length":9633,"function_hash":"283740768337728123466433817770873920856"},"target":{"file":"stack/avrc/avrc_pars_ct.cc","function":"avrc_ctrl_pars_vendor_rsp"},"id":"ASB-A-205837191-2eba5cdd","source":"https://android.googlesource.com/platform/system/bt/+/868cd0e1c6bdccae0931d9be37dd0ed33239aa99","deprecated":false,"signature_type":"Function"},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["126531734830726706182000043194539249710","256706972683182017187154811137971735615","204224096683427787020558414296551095040","73695717925146718806022098129223179923","195772247844676084104910404009672863877","241316484337888477610855757329965559121","138384799275033111561682559487233671540","316239567280759976705623607376100734909"]},"target":{"file":"stack/avrc/avrc_pars_ct.cc"},"id":"ASB-A-205837191-313af234","source":"https://android.googlesource.com/platform/system/bt/+/868cd0e1c6bdccae0931d9be37dd0ed33239aa99","deprecated":false,"signature_type":"Line"}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/868cd0e1c6bdccae0931d9be37dd0ed33239aa99"],"spl":"2022-04-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-205837191.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-04-01"}]}],"versions":["12L"],"ecosystem_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["126531734830726706182000043194539249710","256706972683182017187154811137971735615","204224096683427787020558414296551095040","73695717925146718806022098129223179923","195772247844676084104910404009672863877","241316484337888477610855757329965559121","138384799275033111561682559487233671540","316239567280759976705623607376100734909"]},"target":{"file":"stack/avrc/avrc_pars_ct.cc"},"id":"ASB-A-205837191-37f1101a","source":"https://android.googlesource.com/platform/system/bt/+/415b7d925eb9e3608f98398b6159e4fe1ba5f605","deprecated":false,"signature_type":"Line"},{"signature_version":"v1","digest":{"length":9633,"function_hash":"283740768337728123466433817770873920856"},"target":{"file":"stack/avrc/avrc_pars_ct.cc","function":"avrc_ctrl_pars_vendor_rsp"},"id":"ASB-A-205837191-8fcfc71a","source":"https://android.googlesource.com/platform/system/bt/+/415b7d925eb9e3608f98398b6159e4fe1ba5f605","deprecated":false,"signature_type":"Function"}],"types":["ID"],"fixes":["https://android.googlesource.com/platform/system/bt/+/415b7d925eb9e3608f98398b6159e4fe1ba5f605"],"spl":"2022-04-01","severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-205837191.json"}}],"schema_version":"1.7.5"}