{"id":"ASB-A-261468700","aliases":["3278869","A-261468700","CVE-2022-40537"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2023-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-03-01"},{"type":"FIX","url":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/-/commit/1dc86735a8eadab4521c35d4901fe395393c48e7"},{"type":"FIX","url":"https://git.codelinaro.org/clo/la/platform/system/bt/-/commit/4794a727c6742886c330f52d01714bf9d210ee1f"},{"type":"FIX","url":"https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/-/commit/c1083aeee60590aadf122e611fa609401bf4b715"},{"type":"FIX","url":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/-/commit/df0fda53df2dadd4d37e01c392a277656d9430ee"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"SoCVersion:0"},{"fixed":"SoCVersion:2023-03-05"}]}],"versions":["SoCVersion"],"ecosystem_specific":{"types":["Unknown"],"fixes":["https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/-/commit/c1083aeee60590aadf122e611fa609401bf4b715"],"severity":"High","vanir_signatures":[{"target":{"file":"system/btif/src/btif_rc.cc","function":"handle_app_attr_txt_response"},"signature_version":"v1","signature_type":"Function","source":"https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/commit/c1083aeee60590aadf122e611fa609401bf4b715","digest":{"function_hash":"246175958957352758668323522289664473869","length":1556},"id":"ASB-A-261468700-148d3cf9","deprecated":false},{"target":{"file":"system/btif/src/btif_rc.cc","function":"handle_app_attr_val_txt_response"},"signature_type":"Function","digest":{"function_hash":"242569082058685134903551521358358581354","length":2534},"source":"https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/commit/c1083aeee60590aadf122e611fa609401bf4b715","signature_version":"v1","id":"ASB-A-261468700-2bfa7749","deprecated":false},{"target":{"file":"system/btif/src/btif_rc.cc","function":"cleanup_app_attr_val_txt_response"},"digest":{"function_hash":"2257057797326892347988224808791044800","length":373},"source":"https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/commit/c1083aeee60590aadf122e611fa609401bf4b715","signature_type":"Function","signature_version":"v1","id":"ASB-A-261468700-69dc504e","deprecated":false},{"target":{"file":"system/btif/src/btif_rc.cc"},"digest":{"threshold":0.9,"line_hashes":["198501605171622735764451774822836307684","49233602822421454227654363245238567726","258218048309996783656957562920982086502","197374669681593133590246721053664482760","248358120553711379278262544451871601325","93886804039205539215332477089352647215","56554828095868647998022052704214875002","67887310464748986185835701603219593281","39429013956879160365828860462239048473","335512079976799002624098335223468798909","37233390695345071467203070360983065538","270221086467703866770790850083689958493","314509181606919824541728650011442592321","213553026857821463775304024798272586414","171896062302992245690000055696247571642","208185471121388472532168856294938336264","74449267250648144254170371694028486562","249113832383166454925590436826424045191","233216633201057789608763622527648043496","185179164241950216732710977074757923621","338474459350363079566317616956374649886","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647","333677324237054500394885501193243281504","162403195597631196227566524469548142429","295953199312985405552457539084723688041","36146206868693142766855030954871973935","8208724586719106161528782095881969174","234718952035531545196760832338817116433","226201768262611866861663137142654494036","208686398426692650894380892526179126182","164337345084149832306500202435393312452","274638897496970668148642816701481756667","241458679199171088301319025217368028476","72788347786958773441275525594862198864","226525171154185024313042518404172880885","113353310303716970974930122491986308480","101813440776810064499308963774861331951"]},"source":"https://git.codelinaro.org/clo/la/platform/packages/modules/Bluetooth/commit/c1083aeee60590aadf122e611fa609401bf4b715","signature_type":"Line","signature_version":"v1","id":"ASB-A-261468700-7f124599","deprecated":false}],"spl":"2023-03-05"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-261468700.json"}},{"package":{"name":"platform/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"SoCVersion:0"},{"fixed":"SoCVersion:2023-03-05"}]}],"versions":["SoCVersion"],"ecosystem_specific":{"types":["Unknown"],"fixes":["https://git.codelinaro.org/clo/la/platform/system/bt/-/commit/4794a727c6742886c330f52d01714bf9d210ee1f"],"severity":"High","vanir_signatures":[{"target":{"file":"btif/src/btif_rc.c","function":"handle_app_attr_val_txt_response"},"digest":{"function_hash":"119386084634936206784686392777148192290","length":2880},"source":"https://git.codelinaro.org/clo/la/platform/system/bt/commit/4794a727c6742886c330f52d01714bf9d210ee1f","signature_type":"Function","signature_version":"v1","id":"ASB-A-261468700-16847166","deprecated":false},{"target":{"file":"btif/src/btif_rc.c"},"digest":{"threshold":0.9,"line_hashes":["149155234255815266685256961524259422269","76420412480338801489074901039036183160","282947470962427436446868509524635131605","299846181600380792867384792727227312793","330231040788064414061316127794763141241","100105786746532351699903295563572511181","292681259241469279337581857256652964618","267407137698595387223256987896502239435","136061389595751446467705415454521501371","168644198506204401850816618948383073238","102377984076514862998393016569593444259","142269943870081376359690163309055910296","118514344386947838508074573257964261237","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647","279812793528506847028675116285838581803","141659872799191636068720744277967033411","304236027964776982991594867573932418959","289280124920919296480979164529475580200","271083296775279344815090793762880065826","307525227588208569079592577355737900425","99100296490688811915602098117529360112","31500461951265096970164237105341480315","148253209883878774261970287305441137215","192248602107166097104385067399520504560","283069961590784925357685586130365467621","283435668381473085408625691570403870009","142269943870081376359690163309055910296","118514344386947838508074573257964261237","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647"]},"source":"https://git.codelinaro.org/clo/la/platform/system/bt/commit/4794a727c6742886c330f52d01714bf9d210ee1f","signature_type":"Line","signature_version":"v1","id":"ASB-A-261468700-7baaff3a","deprecated":false},{"target":{"file":"btif/src/btif_rc.c","function":"handle_app_attr_txt_response"},"digest":{"function_hash":"16940840847617822119482068160651053663","length":1505},"source":"https://git.codelinaro.org/clo/la/platform/system/bt/commit/4794a727c6742886c330f52d01714bf9d210ee1f","signature_type":"Function","signature_version":"v1","id":"ASB-A-261468700-8e553557","deprecated":false}],"spl":"2023-03-05"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-261468700.json"}},{"package":{"name":"platform/vendor/qcom-opensource/bluetooth_ext","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"SoCVersion:0"},{"fixed":"SoCVersion:2023-03-05"}]}],"versions":["SoCVersion"],"ecosystem_specific":{"types":["Unknown"],"severity":"High","fixes":["https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/-/commit/df0fda53df2dadd4d37e01c392a277656d9430ee"],"vanir_signatures":[{"target":{"file":"system_bt_ext/btif/src/btif_avk_rc.cc","function":"handle_app_attr_txt_response"},"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/commit/df0fda53df2dadd4d37e01c392a277656d9430ee","signature_version":"v1","signature_type":"Function","digest":{"function_hash":"191552570709393726412834826535643361011","length":1543},"id":"ASB-A-261468700-0b24f9fa","deprecated":false},{"deprecated":false,"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/commit/df0fda53df2dadd4d37e01c392a277656d9430ee","signature_version":"v1","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["198501605171622735764451774822836307684","49233602822421454227654363245238567726","258218048309996783656957562920982086502","197374669681593133590246721053664482760","248358120553711379278262544451871601325","93886804039205539215332477089352647215","56554828095868647998022052704214875002","67887310464748986185835701603219593281","43725287179884291239460533361972476261","335512079976799002624098335223468798909","37233390695345071467203070360983065538","270221086467703866770790850083689958493","314509181606919824541728650011442592321","213553026857821463775304024798272586414","171896062302992245690000055696247571642","208185471121388472532168856294938336264","74449267250648144254170371694028486562","249113832383166454925590436826424045191","233216633201057789608763622527648043496","185179164241950216732710977074757923621","338474459350363079566317616956374649886","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647","333677324237054500394885501193243281504","162403195597631196227566524469548142429","295953199312985405552457539084723688041","36146206868693142766855030954871973935","8208724586719106161528782095881969174","234718952035531545196760832338817116433","226201768262611866861663137142654494036","208686398426692650894380892526179126182","282962615037273118279026180344497131496","172719713482595053438106905795687391957","119060206049896131087865658915312862158","338474459350363079566317616956374649886","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647"]},"id":"ASB-A-261468700-595b0626","target":{"file":"system_bt_ext/btif/src/btif_avk_rc.cc"}},{"deprecated":false,"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/bluetooth_ext/commit/df0fda53df2dadd4d37e01c392a277656d9430ee","signature_version":"v1","signature_type":"Function","digest":{"function_hash":"338972555684903058471321152006078268627","length":2979},"id":"ASB-A-261468700-f128c3ca","target":{"file":"system_bt_ext/btif/src/btif_avk_rc.cc","function":"handle_app_attr_val_txt_response"}}],"spl":"2023-03-05"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-261468700.json"}},{"package":{"name":"platform/vendor/qcom-opensource/system/bt","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"SoCVersion:0"},{"fixed":"SoCVersion:2023-03-05"}]}],"versions":["SoCVersion"],"ecosystem_specific":{"types":["Unknown"],"severity":"High","fixes":["https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/-/commit/1dc86735a8eadab4521c35d4901fe395393c48e7"],"vanir_signatures":[{"target":{"file":"btif/src/btif_rc.cc","function":"handle_app_attr_txt_response"},"digest":{"function_hash":"47735922374617231434077787012219410214","length":1539},"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/commit/1dc86735a8eadab4521c35d4901fe395393c48e7","signature_type":"Function","signature_version":"v1","id":"ASB-A-261468700-b79d342c","deprecated":false},{"deprecated":false,"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/commit/1dc86735a8eadab4521c35d4901fe395393c48e7","signature_version":"v1","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["198501605171622735764451774822836307684","49233602822421454227654363245238567726","258218048309996783656957562920982086502","197374669681593133590246721053664482760","248358120553711379278262544451871601325","93886804039205539215332477089352647215","56554828095868647998022052704214875002","67887310464748986185835701603219593281","71985033578768695841879885927382833800","335512079976799002624098335223468798909","37233390695345071467203070360983065538","270221086467703866770790850083689958493","314509181606919824541728650011442592321","213553026857821463775304024798272586414","171896062302992245690000055696247571642","208185471121388472532168856294938336264","74449267250648144254170371694028486562","249113832383166454925590436826424045191","233216633201057789608763622527648043496","185179164241950216732710977074757923621","338474459350363079566317616956374649886","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647","333677324237054500394885501193243281504","162403195597631196227566524469548142429","295953199312985405552457539084723688041","36146206868693142766855030954871973935","8208724586719106161528782095881969174","234718952035531545196760832338817116433","226201768262611866861663137142654494036","208686398426692650894380892526179126182","282962615037273118279026180344497131496","172719713482595053438106905795687391957","119060206049896131087865658915312862158","338474459350363079566317616956374649886","76932180179394533646477579517177725037","306543832731961587747475715845468589402","333954865975111023046837382762569424647"]},"id":"ASB-A-261468700-cbe1fde6","target":{"file":"btif/src/btif_rc.cc"}},{"target":{"file":"btif/src/btif_rc.cc","function":"handle_app_attr_val_txt_response"},"signature_type":"Function","digest":{"function_hash":"19970504822898645666481602796328136186","length":2971},"source":"https://git.codelinaro.org/clo/la/platform/vendor/qcom-opensource/system/bt/commit/1dc86735a8eadab4521c35d4901fe395393c48e7","signature_version":"v1","id":"ASB-A-261468700-f678cd92","deprecated":false}],"spl":"2023-03-05"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-261468700.json"}}],"schema_version":"1.7.5"}