CVE-2023-21195

Name of the Vulnerable Software and Affected Versions Android versions prior to Android-13

Description The issue is related to a possible out of bounds read in the btm ble periodic adv sync tx rcvd function of btm ble gap.cc. This could lead to local information disclosure over Bluetooth if the firmware is compromised, requiring System execution privileges. No user interaction is needed for exploitation.

Recommendations For Android versions prior to Android-13, update to Android-13 or a later version to resolve the issue. As a temporary workaround, consider restricting Bluetooth connectivity to trusted devices until the update is applied.