CVE-2020-0022

Published Feb 13, 2020
Last updated 3 months ago
CVSS high 8.8
Overview

Description: In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
Source: security@android.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 8.3
Impact score: 10
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-682
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-682
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B578E383-0D77-4AC7-9C81-3F0B8C18E033"
          },
          {
            "criteria": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"
          },
          {
            "criteria": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DFAAD08-36DA-4C95-8200-C29FE5B6B854"
          },
          {
            "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75056A1A-9008-4A43-989D-5E5899A3994F",
            "versionEndExcluding": "10.0.0.195\\(c00e74r3p8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B5322963-9375-4E4E-8119-895C224003AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3AAFCC24-8ADA-427B-84FE-1030AC3DE54D",
            "versionEndExcluding": "10.0.0.196\\(c185e7r2p4\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2564E28F-EF08-4381-96D8-58BB7C8C0E0C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_20_x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9682CC9-50CA-45FB-ACE7-20F1D097FE00",
            "versionEndExcluding": "10.0.0.195\\(c00e74r2p8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_20_x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5FD3779B-F943-4B7E-BF82-AA4A051D02C8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p_smart_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E28978C4-E7E5-4414-B442-92A4B533BB42",
            "versionEndExcluding": "9.1.0.193\\(c605e6r1p5t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p_smart:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "64C4DE1A-ACBD-4DCA-8BAD-23AE6DF4025B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p_smart_2019_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E07EC714-4635-446B-87C7-CC5EE610B175",
            "versionEndExcluding": "10.0.0.180\\(c185e3r4p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p_smart_2019:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9B141C85-AFD2-4D7C-8B72-A065B3C905F6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22D5DBA0-EA94-4752-985C-DA7D555D7854",
            "versionEndExcluding": "10.0.0.162\\(c00e156r1p4\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7492911B-4242-4947-9DED-9F48FC0875CD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p20_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "138A6DBD-D3E3-47F8-ADF9-9ABD5C8AD397",
            "versionEndExcluding": "10.0.0.162\\(c00e156r1p4\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p20_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B315FBC-8BF9-4256-80F9-63EFF0806BEB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p30_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D8897DB-732C-4B72-8A5C-F726805EFFB3",
            "versionEndExcluding": "10.0.0.190\\(c432e22r2p5\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p30:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "21EE286C-8111-4F59-8CF1-13C68EA76B21"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:p30_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67F3CF79-07A3-476D-B30B-90E1852E48CD",
            "versionEndExcluding": "10.0.0.195\\(c00e85r2p8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:p30_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DB671DB-CB5B-46E0-B221-722D051184DE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:y6_2019_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD39CEB3-C282-4988-A642-58E41C8DDDED",
            "versionEndExcluding": "9.1.0.290\\(c185e5r4p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:y6_2019:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7E7053C3-4EB2-438E-9544-41ACF7A91057"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:y6_pro_2019_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB0C0A35-FBB5-4492-BA94-4ADB1CE29C5E",
            "versionEndExcluding": "9.1.0.290\\(c636e5r3p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:y6_pro_2019:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6B1F9660-41E0-4536-8032-57AD3E844A94"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9C331EF-4B78-4ECB-A99E-33FDE093ABEB",
            "versionEndExcluding": "9.1.0.264\\(c185e2r5p1t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F48ABE15-BC87-4B02-8B39-94DA1DC96B92"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nova_3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F27CB3A-F773-48FB-9CAE-20FC93273D21",
            "versionEndExcluding": "9.1.0.338\\(c00e333r1p1t8\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF68FFB0-01F8-4937-8BF4-36866F02E9A8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nova_lite_3_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0938EC8C-17BB-48DE-A477-770948A20696",
            "versionEndExcluding": "9.1.0.322\\(c635e8r2p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nova_lite_3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9EEA4B63-97F3-4BAB-B96E-4C36D9B0FDE5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2128BDE5-AE3B-427E-8A25-F3065850206A",
            "versionEndExcluding": "9.1.0.291\\(c185e3r4p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8a:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B2E19C33-F393-4E0C-9AA7-461AF50EDF7F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_8x_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "174DF865-A0F6-49DE-A465-9BA68799480A",
            "versionEndExcluding": "10.0.0.183\\(c185e2r6p1\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_8x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E7635502-0FD1-464E-8C64-1E8FF6235495"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA8F4F9C-B02E-4C43-B4C4-485E2E38D3B0",
            "versionEndExcluding": "10.0.0.195\\(c636e3r4p3\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A55CF4F-8E86-419C-845B-CE60070620A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_30_pro_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D0ECA4E-CAFE-4637-95DC-B201B9549FC0",
            "versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_30_pro:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "488781A7-935E-4DD6-AD9D-A058067E10AD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_30_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F108CFD3-6A5F-40DE-A042-4528C43317D7",
            "versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_30:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "40B08C1D-444B-4C8B-B7F9-60CA9B2A8D50"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_30_pro_5g_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD56816C-6906-42DA-9BD3-70810C3BF658",
            "versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_30_pro_5g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B7D6F9EF-ECC4-43BC-8AF4-BBAAF0F6940B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:mate_30_5g_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20D00959-B094-47B9-868B-21E905EF4401",
            "versionEndExcluding": "10.0.0.203\\(c00e202r7p2\\)"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:mate_30_5g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF4BEDDB-BDB9-4172-8B3E-6013AFDD8928"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
