{"id":"PUB-A-261857395","details":"In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-261857395","CVE-2023-21196"],"modified":"2026-05-26T15:46:26.044149249Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"],"vanir_signatures":[{"signature_version":"v1","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["16276308536838048564391588226339405023","314948712574164808921584153306691502403","113754413290692655177263548935868418351","132986881310027458669326471364970709590","310858726269934895533229492769116261693","102172718869360331833212396559600731618","279415039534860672404687007059789050476","131146324542424074192979982911708370719","272008996873394428805330809523762299906","23097328352997370459884919771444815053","1056514552567377713410099963957207258","210808304601870682230728949717801520707","47061259919034927765025885382840062594","40011571491480450110481739262622879286","103908216389789488639376834295949441336","269424099109402562172354619729860063141","58139409375986743851710985028777972298","148373393162882033973257156371622415117","52672578180042948831948626064784968340","40583038587652380039640689117943432468","42654043377197860962981240438897896707","178427242276170347809238043195937465563","314286285522645166274438116751300110704","14085346397466094487897505559215469942","83946472440612095981748132393743154801","22719246637737542001868175346762326255","225746277784383360638876631265169815211","202602873096280078119841019691178628415","129845301900870639488307551200080716793","240197643972712936190462010741701938194","229036865155130366305770548188093406766","280018579687411336514844752302229018378","236137458355347890361215743344639874313","327794514350218014445433929916315867216","78564406537967353718264773274274478338","94384269470022003985666208508997847952","124322963261821670672685189337361041229","39102702791275731539284395096602433815","297063676588634458477586866891214892886","280213876813813338804356004165804294579","109412383185133777684554500299883890901","199663428102754125596052461157338815312","58983557586720109538434654743371121418","160882060770664606581495109306316018989"]},"target":{"file":"system/stack/btm/btm_ble_batchscan.cc"},"signature_type":"Line","id":"PUB-A-261857395-a383beae","source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"},{"signature_version":"v1","id":"PUB-A-261857395-b6b23856","target":{"function":"btm_ble_batchscan_filter_track_adv_vse_cback","file":"system/stack/btm/btm_ble_batchscan.cc"},"signature_type":"Function","digest":{"length":2058,"function_hash":"308852664891405002207167474436655693499"},"deprecated":false,"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"}],"types":["ID"],"spl":"2023-06-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261857395.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"],"vanir_signatures":[{"signature_version":"v1","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["16276308536838048564391588226339405023","314948712574164808921584153306691502403","113754413290692655177263548935868418351","132986881310027458669326471364970709590","310858726269934895533229492769116261693","102172718869360331833212396559600731618","279415039534860672404687007059789050476","131146324542424074192979982911708370719","272008996873394428805330809523762299906","23097328352997370459884919771444815053","1056514552567377713410099963957207258","210808304601870682230728949717801520707","47061259919034927765025885382840062594","40011571491480450110481739262622879286","103908216389789488639376834295949441336","269424099109402562172354619729860063141","58139409375986743851710985028777972298","148373393162882033973257156371622415117","52672578180042948831948626064784968340","40583038587652380039640689117943432468","42654043377197860962981240438897896707","178427242276170347809238043195937465563","314286285522645166274438116751300110704","14085346397466094487897505559215469942","83946472440612095981748132393743154801","22719246637737542001868175346762326255","225746277784383360638876631265169815211","202602873096280078119841019691178628415","129845301900870639488307551200080716793","240197643972712936190462010741701938194","229036865155130366305770548188093406766","280018579687411336514844752302229018378","236137458355347890361215743344639874313","327794514350218014445433929916315867216","78564406537967353718264773274274478338","94384269470022003985666208508997847952","124322963261821670672685189337361041229","39102702791275731539284395096602433815","297063676588634458477586866891214892886","280213876813813338804356004165804294579","109412383185133777684554500299883890901","199663428102754125596052461157338815312","58983557586720109538434654743371121418","160882060770664606581495109306316018989"]},"target":{"file":"system/stack/btm/btm_ble_batchscan.cc"},"signature_type":"Line","id":"PUB-A-261857395-5682af1d","source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"},{"signature_version":"v1","id":"PUB-A-261857395-6112b1ec","signature_type":"Function","digest":{"length":2058,"function_hash":"308852664891405002207167474436655693499"},"deprecated":false,"target":{"function":"btm_ble_batchscan_filter_track_adv_vse_cback","file":"system/stack/btm/btm_ble_batchscan.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/c5e898d346cbaa88eaecde2b1a052d06604f8a16"}],"types":["ID"],"spl":"2023-06-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261857395.json"}}],"schema_version":"1.7.5"}