CNVD-2024-07123 — Vulnetix

CNVD-2024-07123 PUBLISHED CVSS 8.800000190734863 HIGH

Google Android是美国谷歌（Google）公司的一套以Linux为基础的开源操作系统。 Google Android存在代码执行漏洞，该漏洞是由于在com_Android_bluetooth_btservice_AdapterService.cpp脚本中的callback_thread_event中释放后使用造成的。攻击者可利用此漏洞在系统上执行任意代码。

Risk Scores

CVSS 3.1

8.800000190734863

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
google	android	12.0, 12l, 14.0
Google	Android	14, 13, 12L

Exploit Intelligence

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bfd817719fcf55cbb3476e6b5539a3db4c437fc (circl)
https://source.android.com/security/bulletin/2023-12-01 (circl)
CIRCL seen: CVE-2023-40088 (circl-sighting)

Timeline

Jun 6, 2023 CVE Published
Oct 14, 2024 PoC Published

References

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bfd817719fcf55cbb3476e6b5539a3db4c437fc url
https://source.android.com/security/bulletin/2023-12-01 url

Open in Interactive Console →