{"id":"ASB-A-300903400","details":"In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-300903400","CVE-2024-0045"],"modified":"2026-05-25T16:46:24.913870386Z","published":"2024-03-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2024-03-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7d0f696f450241d8ba7a168ba14fa7b75032f0c9"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14-next:0"},{"fixed":"14-next:2024-03-01"}]}],"versions":["14-next"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18"],"spl":"2024-03-01","types":["ID"],"severity":"High","vanir_signatures":[{"signature_type":"Function","signature_version":"v1","id":"ASB-A-300903400-24c830f9","target":{"file":"system/stack/smp/smp_act.cc","function":"smp_proc_sec_req"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18","deprecated":false,"digest":{"function_hash":"318216611240446292738758200872593789098","length":1057}},{"deprecated":false,"signature_version":"v1","id":"ASB-A-300903400-d89584bd","target":{"file":"system/stack/smp/smp_act.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f20a759c149b739f8dfc3790287ad1b954115c18","signature_type":"Line","digest":{"line_hashes":["68935296598475382429362722327325645352","324763877670166220684932851905200955893","55483643642204500388893954441248006011","258959201356652833291423250563927550339"],"threshold":0.9}}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-300903400.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2024-03-01"}]}],"versions":["13"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91"],"types":["ID"],"spl":"2024-03-01","vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"ASB-A-300903400-30a98fd7","target":{"file":"system/stack/smp/smp_act.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91","signature_type":"Line","digest":{"line_hashes":["68935296598475382429362722327325645352","324763877670166220684932851905200955893","55483643642204500388893954441248006011","258959201356652833291423250563927550339"],"threshold":0.9}},{"signature_type":"Function","signature_version":"v1","id":"ASB-A-300903400-76e4bf8b","target":{"file":"system/stack/smp/smp_act.cc","function":"smp_proc_sec_req"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91","deprecated":false,"digest":{"function_hash":"222252477408246620080554891409417581317","length":1052}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-300903400.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"14:0"},{"fixed":"14:2024-03-01"}]}],"versions":["14"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91"],"types":["ID"],"spl":"2024-03-01","vanir_signatures":[{"signature_type":"Function","signature_version":"v1","id":"ASB-A-300903400-8ce7c1c8","deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91","target":{"file":"system/stack/smp/smp_act.cc","function":"smp_proc_sec_req"},"digest":{"function_hash":"222252477408246620080554891409417581317","length":1052}},{"signature_type":"Line","signature_version":"v1","id":"ASB-A-300903400-cf76f0fc","target":{"file":"system/stack/smp/smp_act.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a4704e7519d0a02c1caf8b4d8ed874bc201a4b91","deprecated":false,"digest":{"line_hashes":["68935296598475382429362722327325645352","324763877670166220684932851905200955893","55483643642204500388893954441248006011","258959201356652833291423250563927550339"],"threshold":0.9}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-300903400.json"}}],"schema_version":"1.7.5"}