{"id":"PUB-A-264624283","details":"In btm_ble_update_inq_result of btm_ble_gap.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-264624283","CVE-2023-21188"],"modified":"2026-06-01T15:55:42.428303297Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302"],"spl":"2023-06-01","types":["ID"],"vanir_signatures":[{"id":"PUB-A-264624283-83c24533","deprecated":false,"signature_type":"Function","target":{"function":"btm_ble_update_inq_result","file":"system/stack/btm/btm_ble_gap.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302","digest":{"function_hash":"199569595006823782257596810689626396978","length":2848},"signature_version":"v1"},{"id":"PUB-A-264624283-8a83236c","deprecated":false,"signature_type":"Line","target":{"file":"system/stack/btm/btm_ble_gap.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302","digest":{"line_hashes":["101134899967797481357420567711456322276","158461182448082205290765127463070286544","95011044237623300927781625058674480253","217616323269986906510589354251642675794"],"threshold":0.9},"signature_version":"v1"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-264624283.json"}},{"package":{"name":"platform/packages/modules/Bluetooth","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"Moderate","fixes":["https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302"],"spl":"2023-06-01","types":["ID"],"vanir_signatures":[{"id":"PUB-A-264624283-220568f6","deprecated":false,"signature_type":"Function","target":{"function":"btm_ble_update_inq_result","file":"system/stack/btm/btm_ble_gap.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302","digest":{"function_hash":"199569595006823782257596810689626396978","length":2848},"signature_version":"v1"},{"id":"PUB-A-264624283-55455ff9","deprecated":false,"signature_type":"Line","target":{"file":"system/stack/btm/btm_ble_gap.cc"},"source":"https://android.googlesource.com/platform/packages/modules/Bluetooth/+/70ab248059d86fa759627b8121b0a8880c982302","digest":{"line_hashes":["101134899967797481357420567711456322276","158461182448082205290765127463070286544","95011044237623300927781625058674480253","217616323269986906510589354251642675794"],"threshold":0.9},"signature_version":"v1"}]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-264624283.json"}}],"schema_version":"1.7.5"}