CVE-2023-21125 — Use After Free in Platform System BT

Vendor	Product	Version range	Fixed in
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
platform	system_bt	>= 12:0 < 12:2025-03-01	12:2025-03-01
platform	system_bt	>= 12L:0 < 12L:2025-03-01	12L:2025-03-01

Android

CVE-2023-21125: Android Security Bulletin 2025-03-01 CVE: CVE-2023-21125 Severity: HIGH Type: EoP Affected AOSP versions: 12, 12L References: A-228837201

vendor_android·2025-03-01·CVSS 8.0

CVE-2023-21125 [HIGH] CVE-2023-21125: Android Security Bulletin 2025-03-01 CVE: CVE-2023-21125 Severity: HIGH Type: EoP Affected AOSP versions: 12, 12L References: A-228837201 Android Security Bulletin 2025-03-01 CVE: CVE-2023-21125 Severity: HIGH Type: EoP Affected AOSP versions: 12, 12L References: A-228837201

GHSA

GHSA-jpc2-j9xp-5j5r: In btif_hh_hsdata_rpt_copy_cb of bta_hh

ghsa_unreviewed·2025-08-27

CVE-2023-21125 [HIGH] CWE-416 GHSA-jpc2-j9xp-5j5r: In btif_hh_hsdata_rpt_copy_cb of bta_hh In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

OSV

CVE-2023-21125: In btif_hh_hsdata_rpt_copy_cb of bta_hh

osv·2025-03-01

CVE-2023-21125 CVE-2023-21125: In btif_hh_hsdata_rpt_copy_cb of bta_hh In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21125: In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege…

Affected