Yajin Zhou

**Name of the Vulnerable Software and Affected Versions** Bluetooth prior to SMR Jun-2022 Release 1 **Description** The issue concerns broadcasting an Intent including the BluetoothDevice object without proper restriction of receivers in the sendIntentSessionCompleted function of Bluetooth. This leaks the MAC address of the connected Bluetooth device. **Recommendations** For Bluetooth prior to SMR Jun-2022 Release 1, update to SMR Jun-2022 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the sendIntentSessionCompleted function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** One UI Home versions prior to SMR April-2022 Release 1 **Description** The issue allows unauthorized access to information about the currently launched foreground app. **Recommendations** For versions prior to SMR April-2022 Release 1, update to the SMR April-2022 Release 1 or later to resolve the issue.