CVE-2023-21125

HIGH

Android - Use-After-Free in btif_hh_hsdata_rpt_copy_cb

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-21125. PoCs published by 761669642.

AI-analyzed exploit summary: This repository contains a proof-of-concept exploit for CVE-2023-21125, targeting a vulnerability in the Bluedroid Bluetooth stack. The exploit appears to focus on the A2DP (Advanced Audio Distribution Profile) implementation, with code modifications in the audio_a2dp_hw module.

Description

In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploits (1)

nomisec WORKING POC
by 761669642 · poc
https://github.com/761669642/Mahesh-970-CVE-2023-21125_bluedriod_repo

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Bluedroid Bluetooth stack (Android)
No auth needed
Prerequisites: Physical proximity to the target device · Bluetooth enabled on the target device
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 8.0
EPSS 0.0019
EPSS Percentile 8.4%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-416
Status published
Products (2)
google/android 12.0
google/android 12.1
Published Aug 26, 2025
Tracked Since Feb 18, 2026