{"id":"ASB-A-287184435","details":"In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-287184435","CVE-2024-34727"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2024-08-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-08-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/6afad4b377b5bc3f38b28296e746b674173f99d8"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-08-01"}]}],"versions":["14-next"],"ecosystem_specific":{"types":["ID"],"vanir_signatures":[{"digest":{"function_hash":"36124008880444953329645145654613027992","length":435},"deprecated":false,"target":{"file":"system/stack/sdp/sdp_utils.cc","function":"sdpu_compare_uuid_with_attr"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39","signature_version":"v1","signature_type":"Function","id":"ASB-A-287184435-4d5a857a"},{"deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39","target":{"file":"system/stack/sdp/sdp_utils.cc"},"signature_type":"Line","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["139131443945002606912506064455006689017","253207943261305781236343062435265004432","250908622023246894622366699106192517526","335091853755149266420202824179508457061","308375983938059669047339829356505397501"]},"id":"ASB-A-287184435-ff44d061"}],"spl":"2024-08-01","severity":"High","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/041220978bd8cb0573a7a6679e16cfc843cc9a39"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-287184435.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-08-01"}]}],"versions":["13"],"ecosystem_specific":{"types":["ID"],"vanir_signatures":[{"digest":{"function_hash":"36124008880444953329645145654613027992","length":435},"deprecated":false,"target":{"file":"system/stack/sdp/sdp_utils.cc","function":"sdpu_compare_uuid_with_attr"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487","signature_version":"v1","signature_type":"Function","id":"ASB-A-287184435-2bf360cc"},{"deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487","target":{"file":"system/stack/sdp/sdp_utils.cc"},"digest":{"threshold":0.9,"line_hashes":["139131443945002606912506064455006689017","253207943261305781236343062435265004432","250908622023246894622366699106192517526","335091853755149266420202824179508457061","308375983938059669047339829356505397501"]},"signature_version":"v1","signature_type":"Line","id":"ASB-A-287184435-bc5a02db"}],"spl":"2024-08-01","severity":"High","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-287184435.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-08-01"}]}],"versions":["14"],"ecosystem_specific":{"types":["ID"],"vanir_signatures":[{"deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487","target":{"file":"system/stack/sdp/sdp_utils.cc","function":"sdpu_compare_uuid_with_attr"},"id":"ASB-A-287184435-1cfb9ca9","signature_version":"v1","digest":{"function_hash":"36124008880444953329645145654613027992","length":435},"signature_type":"Function"},{"deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487","target":{"file":"system/stack/sdp/sdp_utils.cc"},"id":"ASB-A-287184435-2cd4d4f5","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["139131443945002606912506064455006689017","253207943261305781236343062435265004432","250908622023246894622366699106192517526","335091853755149266420202824179508457061","308375983938059669047339829356505397501"]},"signature_type":"Line"}],"spl":"2024-08-01","severity":"High","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7bbdb139bf91dca86c72c33a74c0e3407938c487"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-287184435.json"}}],"schema_version":"1.7.5"}