CVE-2024-0039
published 2024-03-11CVE-2024-0039: In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution…
PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.51%
71.3th percentile
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | packages_modules_bluetooth | >= 13:0 < 13:2024-03-01 | 13:2024-03-01 |
| platform | packages_modules_bluetooth | >= 14-next:0 < 14-next:2024-03-01 | 14-next:2024-03-01 |
| platform | packages_modules_bluetooth | >= 14:0 < 14:2024-03-01 | 14:2024-03-01 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability exists in the function `attp_build_value_cmd` within `att_protocol.cc` — monitor for anomalous Bluetooth ATT (Attribute Protocol) traffic or crashes originating from this code path ↗
- →No user interaction required and no additional privileges needed — exploit can be delivered entirely remotely over Bluetooth, making passive/unauthenticated BT connections a key detection surface ↗
- →Affected Android versions are 12, 12L, 13, and 14 — prioritize detection and patching on unpatched devices running these AOSP versions ↗
- ·This is a CRITICAL-rated RCE with no user interaction required; the Android Security Bulletin classifies it as Type RCE, meaning exploitation requires only Bluetooth proximity/reachability with no victim action ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qp4c-f9fg-vrxf: In attp_build_value_cmd of att_protocol
ghsa_unreviewed·2024-03-11
CVE-2024-0039 [CRITICAL] CWE-787 GHSA-qp4c-f9fg-vrxf: In attp_build_value_cmd of att_protocol
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
OSV
CVE-2024-0039: In attp_build_value_cmd of att_protocol
osv·2024-03-01
CVE-2024-0039 CVE-2024-0039: In attp_build_value_cmd of att_protocol
In attp_build_value_cmd of att_protocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Android
CVE-2024-0039: Android Security Bulletin 2024-03-01
CVE: CVE-2024-0039
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 12, 12L, 13, 14
References: A-295887535
[
vendor_android·2024-03-01·CVSS 9.8
CVE-2024-0039 [CRITICAL] CVE-2024-0039: Android Security Bulletin 2024-03-01
CVE: CVE-2024-0039
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 12, 12L, 13, 14
References: A-295887535
[
Android Security Bulletin 2024-03-01
CVE: CVE-2024-0039
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 12, 12L, 13, 14
References: A-295887535
[2]
[3]
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://android.googlesource.com/platform/packages/modules/Bluetooth/+/015c618a0461def93138173a53daaf27ca0630c9https://android.googlesource.com/platform/packages/modules/Bluetooth/+/17044ccf3a2858633cad8f87926e752edfe0d8d8https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f0f35273101518d1f3a660b151804e90d0249af3https://source.android.com/security/bulletin/2024-03-01https://android.googlesource.com/platform/packages/modules/Bluetooth/+/015c618a0461def93138173a53daaf27ca0630c9https://android.googlesource.com/platform/packages/modules/Bluetooth/+/17044ccf3a2858633cad8f87926e752edfe0d8d8https://android.googlesource.com/platform/packages/modules/Bluetooth/+/f0f35273101518d1f3a660b151804e90d0249af3https://source.android.com/security/bulletin/2024-03-01
2024-03-11
Published