CVE-2021-0329

Name of the Vulnerable Software and Affected Versions: Android versions 8.1 through 11

Description: The issue is related to a missing bounds check in several native functions called by AdvertiseManager.java, which could lead to a local escalation of privilege in the Bluetooth server. This requires User execution privileges and does not need user interaction for exploitation.

Recommendations: For Android versions 8.1 through 11, consider restricting access to the Bluetooth server to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling the vulnerable functions in AdvertiseManager.java until a fix is provided.