cnvd - cnvd-2016-04822

cnvd-2016-04822

Vulnerability from cnvd

Title

Android Bluetoot函数缓冲区溢出漏洞

Description

Android是美国谷歌（Google）公司和开放手持设备联盟（简称OHA）共同开发的一套以Linux为基础的开源操作系统。Bluetooth是其中的一个蓝牙组件。 Android中的Bluetooth的btif/src/btif_hh.c文件中‘create_pbuf’函数存在缓冲区溢出漏洞，远程攻击者可通过设备在配对过程中，利用该漏洞执行任意代码。

Severity

中

Patch Name

Android Bluetoot函数缓冲区溢出漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://source.android.com/security/bulletin/2016-07-01.html

Reference

https://source.android.com/security/bulletin/2016-07-01.html

Impacted products

Name
['Google Android 5.0.x<5.0.2', 'Google Android 5.1.x<5.1.1', 'Google Android 6.x<2016-06-01', 'Google Android 4.x<4.4.4']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3744"
    }
  },
  "description": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Bluetooth\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u84dd\u7259\u7ec4\u4ef6\u3002\r\n\r\nAndroid\u4e2d\u7684Bluetooth\u7684btif/src/btif_hh.c\u6587\u4ef6\u4e2d\u2018create_pbuf\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bbe\u5907\u5728\u914d\u5bf9\u8fc7\u7a0b\u4e2d\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Google",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://source.android.com/security/bulletin/2016-07-01.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04822",
  "openTime": "2016-07-15",
  "patchDescription": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Bluetooth\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u84dd\u7259\u7ec4\u4ef6\u3002\r\n\r\nAndroid\u4e2d\u7684Bluetooth\u7684btif/src/btif_hh.c\u6587\u4ef6\u4e2d\u2018create_pbuf\u2019\u51fd\u6570\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bbe\u5907\u5728\u914d\u5bf9\u8fc7\u7a0b\u4e2d\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Android Bluetoot\u51fd\u6570\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google Android 5.0.x\u003c5.0.2",
      "Google Android  5.1.x\u003c5.1.1",
      "Google Android 6.x\u003c2016-06-01",
      "Google Android 4.x\u003c4.4.4"
    ]
  },
  "referenceLink": "https://source.android.com/security/bulletin/2016-07-01.html",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-13",
  "title": "Android Bluetoot\u51fd\u6570\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2016-3744 (GCVE-0-2016-3744)

Vulnerability from cvelistv5

Published

2016-07-11 01:00

Modified

2024-08-06 00:03

Severity ?

CWE

Summary

Buffer overflow in the create_pbuf function in btif/src/btif_hh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows remote attackers to gain privileges via a crafted pairing operation, aka internal bug 27930580.

References

URL

Tags

	https://android.googlesource.com/platform/system/bt/+/514139f4b40cbb035bb92f3e24d5a389d75db9e6	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2016-07-01.html	x_refsource_CONFIRM