CVE-2021-0991Log File Information Exposure in Google Android

CWE-532Log File Information Exposure4 documents4 sources
Severity
2.4LOWNVD
EPSS
0.0%
top 94.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Platform Packages Apps SettingsGoogle Android
Timeline
PublishedDec 15
Latest updateDec 16

Description

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181588752

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:NExploitability: 0.9 | Impact: 1.4

Affected Packages3 packages

CVEListV5google/androidAndroid-12
NVDgoogle/android12.0
Androidplatform/packages_apps_settings12:012:2021-12-01

Patches

Patch: source.android.comPatch: source.android.com

🔴Vulnerability Details

3
GHSA
GHSA-3jhq-49ph-54f5: In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController2021-12-16
CVEList
CVE-2021-0991: In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController2021-12-15
OSV
CVE-2021-0991: In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController2021-12-01
CVE-2021-0991 — Log File Information Exposure in Google | cvebase