CVE-2024-34722 Information

Description

In smp_proc_rand of smp_act.cc there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Reference

https://android.googlesource.com/platform/packages/modules/Bluetooth/+/456f705b9acc78d8184536baff3d21b0bc11c957 https://source.android.com/security/bulletin/2024-07-01