CVE-2022-20222

Name of the Vulnerable Software and Affected Versions Android versions Android-12 through Android-12L

Description The issue is related to a missing bounds check in the read attr value function of gatt db.cc, which could lead to a possible out of bounds write. This might result in remote code execution without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android versions Android-12 through Android-12L, consider restricting access to the read attr value function in gatt db.cc until a patch is available. As a temporary workaround, avoid using the read attr value function in gatt db.cc to minimize the risk of exploitation.