Out of Bounds Read Vulnerability in btif_av.cc Allows Remote Information Disclosure over Bluetooth

Out of Bounds Read Vulnerability in btif_av.cc Allows Remote Information Disclosure over Bluetooth

CVE-2019-2227 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In DeepCopy of btif_av.cc, there is a possible out of bounds read due to improper casting. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-140768453

Learn more about our Cis Benchmark Audit For Google Android.