CVE-2020-0138

CRITICAL

Android -10 - Buffer Overflow

Title source: llm

Description

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142878416

Exploits (1)

nomisec WORKING POC

by Satheesh575555 · poc

https://github.com/Satheesh575555/system_bt_AOSP10_r33-CVE-2020-0138

View Code ZIP pw:eip

References (1)

[Patch, Vendor Advisory] https://source.android.com/security/bulletin/pixel/2020-06-01

Scores

CVSS v3 9.8

EPSS 0.0552

EPSS Percentile 90.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (1)

google/android 10.0

Published Jun 11, 2020

Tracked Since Feb 18, 2026