CVE-2022-20467

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-13

Description The issue is related to a possible incorrect file read due to a confused deputy in the isBluetoothShareUri function of BluetoothOppUtility.java. This could lead to local information disclosure with no additional execution privileges needed. User interaction is required for exploitation.

Recommendations For Android versions Android-11 through Android-13, update to a version that includes the fix for the issue in BluetoothOppUtility.java, specifically addressing the isBluetoothShareUri function to prevent incorrect file reads. As a temporary workaround, consider restricting user interaction with Bluetooth sharing functionality until a patch is available.