CVE-2021-0329
HIGH
Android - Out-of-bounds Write in AdvertiseManager Bluetooth Functions
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2021-0329. PoCs published by ShaikUsaf.
AI-analyzed exploit summary
This repository contains source code files from the Android Bluetooth stack, specifically focusing on the A2DP, AVRCP, and other Bluetooth-related components. The code appears to be a snapshot of the vulnerable codebase for CVE-2021-0329, which is a heap overflow vulnerability in the Android Bluetooth stack, but does not include an actual exploit or proof-of-concept code.
Description
In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.
Product: Android
Versions: Android-9 Android-10 Android-11 Android-8.1
Android ID: A-171400004
Exploits (1)
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H