In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://android.googlesource.com/platform/packages/modules/Bluetooth/+/495417bd068c35de0729d9a332639bd0699153ff | Mailing List Patch |
https://source.android.com/security/bulletin/2023-12-01 | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
22 Dec 2023, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Dec 2023, 15:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | () https://source.android.com/security/bulletin/2023-12-01 - Third Party Advisory | |
CWE | CWE-203 |
04 Dec 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-04 23:15
Updated : 2024-02-02 03:15
NVD link : CVE-2023-40090
Mitre link : CVE-2023-40090
CVE.ORG link : CVE-2023-40090
JSON object : View
Products Affected
- android
CWE
CWE-203
Observable Discrepancy