CVE-2023-35657 — Out-of-bounds Read

Vendor	Product	Version range	Fixed in
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
google	android	—	—
platform	packages_modules_bluetooth	>= 13:0 < 13:2025-05-01	13:2025-05-01
platform	packages_modules_bluetooth	>= 14:0 < 14:2025-05-01	14:2025-05-01
platform	packages_modules_bluetooth	>= 15-next:0 < 15-next:2025-05-01	15-next:2025-05-01
platform	packages_modules_bluetooth	>= 15:0 < 15:2025-05-01	15:2025-05-01

GHSA

GHSA-m3pw-86cq-qfvq: In bta_av_config_ind of bta_av_aact

ghsa_unreviewed·2025-09-04

CVE-2023-35657 [MEDIUM] CWE-125 GHSA-m3pw-86cq-qfvq: In bta_av_config_ind of bta_av_aact In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

OSV

CVE-2023-35657: In bta_av_config_ind of bta_av_aact

osv·2025-05-01

CVE-2023-35657 CVE-2023-35657: In bta_av_config_ind of bta_av_aact In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Android

CVE-2023-35657: Android Security Bulletin 2025-05-01 CVE: CVE-2023-35657 Severity: HIGH Type: ID Affected AOSP versions: 13, 14, 15 References: A-260230151

vendor_android·2025-05-01·CVSS 4.0

CVE-2023-35657 [MEDIUM] CVE-2023-35657: Android Security Bulletin 2025-05-01 CVE: CVE-2023-35657 Severity: HIGH Type: ID Affected AOSP versions: 13, 14, 15 References: A-260230151 Android Security Bulletin 2025-05-01 CVE: CVE-2023-35657 Severity: HIGH Type: ID Affected AOSP versions: 13, 14, 15 References: A-260230151

CVE-2023-35657: In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bounds read due to type confusion. This could lead to local information disclosure with no…

Affected