Resource Exhaustion Vulnerability in Android BLE Scanner

Resource Exhaustion Vulnerability in Android BLE Scanner

CVE-2017-13211 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0. Android ID: A-65174158.

Learn more about our Cis Benchmark Audit For Google Android.