In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CPE | Name | Operator | Version |
---|---|---|---|
platform/packages/apps/settings | eq | 9 | |
platform/packages/apps/settings | eq | 11 | |
platform/packages/apps/settings | eq | 10 |
android.googlesource.com/platform/packages/apps/Settings/+/10e459921953825d34e70cc4da846aac703d913c
android.googlesource.com/platform/packages/apps/Settings/+/65e3c68e6fbfb1d6762718a190416a2bff36962c
android.googlesource.com/platform/packages/apps/Settings/+/80d8b03d027f3dffb85958f849be3b5316791107
android.googlesource.com/platform/packages/apps/Settings/+/8fe8e0fc211d4f36cce2865a17c834573ec25211
android.googlesource.com/platform/packages/apps/Settings/+/a5046f219a545246f244f0dc003eefdeb1dfeb93
android.googlesource.com/platform/packages/apps/Settings/+/fa504b8e01405fa529670b6ac6112d0241c2ff86
source.android.com/security/bulletin/2021-11-01