NVD-CWE-noinfo

In btif_dm_auth_cmpl_evt of btif_dm.cc, there is a possible vulnerability in Cross-Transport Key Derivation due to Weakness in Bluetooth Standard. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-231161832

Product: AndroidVersions: Android kernelAndroid ID: A-229632566References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel

Product: AndroidVersions: Android kernelAndroid ID: A-215730643References: N/A

In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222339795References: N/A

Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A