packages_modules_Bluetooth.git - packages_modules

diff options

author	Brian Delwiche <delwiche@google.com>	2025-01-15 23:10:51 +0000
committer	aoleary <seanm187@gmail.com>	2025-07-09 07:12:43 +0000
commit	e86a12a29106ac2c69dee480638565638994dde2 (patch)
tree	1733f1475700e94eec304d6da74ed7b6e448138b /system/stack/test/common/stack_test_packet_utils.h
parent	5bc4103138ef6da65a02b5e8d1737904e5f4d212 (diff)

Fix authentication bypass bug in SMP

It is possible for a malicious peer to bypass SMP authentication by claiming to have OOB data and proceeding with pairing, exploiting the fact that the Android stack sets the OOB randomizer to zero if no local OOB data is available. Drop the connection if a peer claims it has OOB data but no local OOB data has been stored. Bug: 251514171 Test: m com.android.btservices Ignore-AOSP-First: security Tag: #security (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:83e55e8a316e319c82f727763ab791bfc24404dd) Merged-In: Ib87574bd455bcc673a7e58283fd22342cf924cfd Change-Id: Ib87574bd455bcc673a7e58283fd22342cf924cfd

Diffstat (limited to 'system/stack/test/common/stack_test_packet_utils.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: