CVE-2020-0022
First published: Mon Feb 03 2020(Updated: )
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Android | =8.0 | |
| Android | =8.1 | |
| Android | =9.0 | |
| Android | =10.0 | |
| All of | ||
| Huawei Mate 20 RS Firmware | <10.0.0.195\(c00e74r3p8\) | |
| Huawei Mate 20 Pro | ||
| All of | ||
| Huawei Mate 20 Pro | <10.0.0.196\(c185e7r2p4\) | |
| Huawei Mate 20 Pro | ||
| All of | ||
| Huawei Mate 20 X Firmware | <10.0.0.195\(c00e74r2p8\) | |
| Huawei Mate 20 X Firmware | ||
| All of | ||
| Huawei P Smart Firmware | <9.1.0.193\(c605e6r1p5t8\) | |
| Huawei P Smart Firmware | ||
| All of | ||
| Huawei P Smart Firmware | <10.0.0.180\(c185e3r4p1\) | |
| Huawei P Smart 2019 Firmware | ||
| All of | ||
| Huawei P20 Firmware | <10.0.0.162\(c00e156r1p4\) | |
| HUAWEI P20 | ||
| All of | ||
| Huawei P20 Pro Firmware | <10.0.0.162\(c00e156r1p4\) | |
| HUAWEI P20 Pro | ||
| All of | ||
| Huawei P30 Firmware | <10.0.0.190\(c432e22r2p5\) | |
| HUAWEI P30 | ||
| All of | ||
| Huawei P30 Pro Firmware | <10.0.0.195\(c00e85r2p8\) | |
| Huawei P30 Pro Firmware | ||
| All of | ||
| Huawei Y6 2019 | <9.1.0.290\(c185e5r4p1\) | |
| Huawei Y6 2019 | ||
| All of | ||
| Huawei Y6 Pro 2019 | <9.1.0.290\(c636e5r3p1\) | |
| Huawei Y6 Pro 2019 Firmware | ||
| All of | ||
| Huawei Y9 2019 Firmware | <9.1.0.264\(c185e2r5p1t8\) | |
| Huawei Y9 2019 Firmware | ||
| All of | ||
| Huawei Nova 3 Firmware | <9.1.0.338\(c00e333r1p1t8\) | |
| Huawei Nova 3 Firmware | ||
| All of | ||
| Huawei Nova Lite 3 Firmware | <9.1.0.322\(c635e8r2p2\) | |
| Huawei Nova Lite 3 Firmware | ||
| All of | ||
| Huawei Honor 8A Firmware | <9.1.0.291\(c185e3r4p1\) | |
| Huawei Honor 8A Firmware | ||
| All of | ||
| Huawei Honor 8X Firmware | <10.0.0.183\(c185e2r6p1\) | |
| Huawei Honor 8X | ||
| All of | ||
| HUAWEI Honor V20 firmware | <10.0.0.195\(c636e3r4p3\) | |
| Huawei Honor View 20 Firmware | ||
| All of | ||
| Huawei Mate 30 Pro Firmware | <10.0.0.203\(c00e202r7p2\) | |
| Huawei Mate 30 Pro | ||
| All of | ||
| Huawei Mate 30 Firmware | <10.0.0.203\(c00e202r7p2\) | |
| HUAWEI Mate 30 | ||
| All of | ||
| Huawei Mate 30 Pro 5G | <10.0.0.203\(c00e202r7p2\) | |
| Huawei Mate 30 Pro | ||
| All of | ||
| Huawei Mate 30 5G Firmware | <10.0.0.203\(c00e202r7p2\) | |
| HUAWEI Mate 30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://android.googlesource.com/platform/system/bt/+/3cb7149d8fed2d7d77ceaa95bf845224c4db3baf
- https://source.android.com/docs/security/bulletin/2020-02-01 (Advisory)
- http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html
- http://seclists.org/fulldisclosure/2020/Feb/10
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en
- https://source.android.com/security/bulletin/2020-02-01
Frequently Asked Questions
What is the severity of CVE-2020-0022?
CVE-2020-0022 has a high severity because it can lead to remote code execution without additional execution privileges.
How do I fix CVE-2020-0022?
To fix CVE-2020-0022, update your Android device to the latest security patch provided by Google.
What vulnerabilities does CVE-2020-0022 exploit?
CVE-2020-0022 exploits an out of bounds write due to incorrect bounds calculation in the Bluetooth module.
Which Android versions are affected by CVE-2020-0022?
CVE-2020-0022 affects Android versions 8.0, 8.1, 9.0, and 10.0.
Is user interaction required to exploit CVE-2020-0022?
No, user interaction is not required for exploiting CVE-2020-0022.
- agent/references
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/remedy
- agent/description
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- vendor/google
- canonical/android
- version/android/8.0
- version/android/8.1
- version/android/9.0
- version/android/10.0
- vendor/huawei
- canonical/huawei mate 20 rs firmware
- canonical/huawei mate 20 pro
- canonical/huawei mate 20 x firmware
- canonical/huawei p smart firmware
- canonical/huawei p smart 2019 firmware
- canonical/huawei p20 firmware
- canonical/huawei p20
- canonical/huawei p20 pro firmware
- canonical/huawei p20 pro
- canonical/huawei p30 firmware
- canonical/huawei p30
- canonical/huawei p30 pro firmware
- canonical/huawei y6 2019
- canonical/huawei y6 pro 2019
- canonical/huawei y6 pro 2019 firmware
- canonical/huawei y9 2019 firmware
- canonical/huawei nova 3 firmware
- canonical/huawei nova lite 3 firmware
- canonical/huawei honor 8a firmware
- canonical/huawei honor 8x firmware
- canonical/huawei honor 8x
- canonical/huawei honor v20 firmware
- canonical/huawei honor view 20 firmware
- canonical/huawei mate 30 pro firmware
- canonical/huawei mate 30 pro
- canonical/huawei mate 30 firmware
- canonical/huawei mate 30
- canonical/huawei mate 30 pro 5g
- canonical/huawei mate 30 5g firmware