CVE-2022-20447

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue is related to a possible out of bounds read due to a use after free in the PAN WriteBuf function of pan api.cc. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-13, consider restricting Bluetooth access until a patch is available to prevent potential remote information disclosure. As a temporary workaround, disabling Bluetooth functionality when not in use may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.