CVE-2023-35657
BaseFortify
Publication date: 2025-09-04
Last updated on: 2025-09-05
Assigner: Android (associated with Google Inc. or Open Handset Alliance)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| android | 13.0 | |
| android | 15.0 | |
| android | 14.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-35657 is an out-of-bounds (OOB) read vulnerability in the Android Bluetooth module, specifically in the Fluoride Bluetooth stack. It occurs because the function bta_av_setconfig_rej incorrectly assumes the type of a union member passed to it, leading to reading memory outside the intended bounds. This type confusion causes the function to access invalid memory, which can disclose local information without needing any special privileges or user interaction. [1]
How can this vulnerability impact me? :
This vulnerability can lead to local information disclosure on affected Android devices. An attacker could exploit this flaw to read sensitive data from memory without requiring additional execution privileges or user interaction. While it does not allow code execution or remote attacks, the exposure of local information could be leveraged in further attacks or to compromise user privacy. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by building and running the Fluoride Bluetooth stack with the provided fix and running its automated libbluetooth tests and manual tests. The Fluoride Bluetooth daemon (btadapterd) can be run on Linux to monitor Bluetooth interfaces (default hci0). There are no specific detection commands provided, but setting up the build environment and running the tests as described in the resource can help identify the issue. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating the Fluoride Bluetooth stack to include the fix committed on April 5, 2024, which corrects the out-of-bounds read by modifying the function bta_av_setconfig_rej to avoid incorrect union member assumptions. If using affected Android or Linux systems with the Fluoride Bluetooth stack, apply the patch or update to a version including this fix. Additionally, running the updated btadapterd daemon can help ensure the vulnerability is addressed. [1]