CVE Vulnerabilities

CVE-2022-30724

Improper Handling of Exceptional Conditions

Published: Jun 07, 2022 | Modified: Jun 11, 2022
CVSS 3.x
4.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
3.3 LOW
AV:A/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.

Weakness

The product does not handle or incorrectly handles an exceptional condition.

Affected Software

Name Vendor Start Version End Version
Android Google 10.0 (including) 10.0 (including)
Android Google 11.0 (including) 11.0 (including)
Android Google 12.0 (including) 12.0 (including)

References