Sign-up

ID

VAR-201603-0018


CVE

CVE-2016-0830


TITLE

Android of Bluetooth of btif_config.c Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2016-001807

DESCRIPTION

btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bug 26071376. Android of Bluetooth of btif_config.c There is a service disruption ( Memory corruption and persistent daemon crash ) There are vulnerabilities that are put into a state. Vendors have confirmed this vulnerability Bug 26071376 It is released as.A third party is triggered to register a large amount of settings, and as a result, the maximum size of the settings file is exceeded. ( Memory corruption and persistent daemon crash ) There is a possibility of being put into a state. GoogleNexus is a series of smart devices based on the Android operating system developed by Google Inc. of the United States, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. Bluetooth is one of the Bluetooth components. A security vulnerability exists in the Bluetooth component of previous versions of GoogleNexusBuildsLMY49H

Trust: 2.25

sources: NVD: CVE-2016-0830 // JVNDB: JVNDB-2016-001807 // CNVD: CNVD-2016-01545 // VULMON: CVE-2016-0830

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-01545

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:6.0.1

Trust: 1.6

vendor:googlemodel:androidscope:eqversion:6.0

Trust: 1.6

vendor:googlemodel:androidscope:ltversion:2016-03-01 earlier 6.x

Trust: 0.8

vendor:googlemodel:nexus lmy49hscope:ltversion: -

Trust: 0.6

sources: CNVD: CNVD-2016-01545 // JVNDB: JVNDB-2016-001807 // CNNVD: CNNVD-201603-091 // NVD: CVE-2016-0830

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-0830
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-0830
value: LOW

Trust: 0.8

CNVD: CNVD-2016-01545
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201603-091
value: LOW

Trust: 0.6

VULMON: CVE-2016-0830
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2016-0830
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2016-01545
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2016-0830
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2016-01545 // VULMON: CVE-2016-0830 // JVNDB: JVNDB-2016-001807 // CNNVD: CNNVD-201603-091 // NVD: CVE-2016-0830

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.8

sources: JVNDB: JVNDB-2016-001807 // NVD: CVE-2016-0830

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201603-091

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201603-091

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-001807

PATCH
title:Fix crashes with lots of discovered LE devicesurl:https://android.googlesource.com/platform/system/bt/+/d77f1999ecece56c1cbb333f4ddc26f0b5bac2c5
Trust: 0.8
title:Nexus Security Bulletin - March 2016url:http://source.android.com/security/bulletin/2016-03-01.html
Trust: 0.8
title:Patch for the GoogleNexusBluetooth component denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/72460
Trust: 0.6
title:Android Bluetooth Fixes for component denial of service vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60451
Trust: 0.6
title:Android Security Bulletins: Nexus Security Bulletin - March 2016url:https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=bdec4bc902496de72a50f4fbaa9a726a
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01545 // 
            
            
            
            VULMON: CVE-2016-0830 // 
            
            
            
            JVNDB: JVNDB-2016-001807 // 
            
            
            
            CNNVD: CNNVD-201603-091

EXTERNAL IDS
db:NVDid:CVE-2016-0830
Trust: 3.1
db:SECUNIAid:69391
Trust: 1.2
db:BIDid:84270
Trust: 1.1
db:JVNDBid:JVNDB-2016-001807
Trust: 0.8
db:CNVDid:CNVD-2016-01545
Trust: 0.6
db:CNNVDid:CNNVD-201603-091
Trust: 0.6
db:VULMONid:CVE-2016-0830
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01545 // 
            
            
            
            VULMON: CVE-2016-0830 // 
            
            
            
            JVNDB: JVNDB-2016-001807 // 
            
            
            
            CNNVD: CNNVD-201603-091 // 
            
            
            
            NVD: CVE-2016-0830

REFERENCES
url:http://source.android.com/security/bulletin/2016-03-01.html
Trust: 2.4
url:https://android.googlesource.com/platform/system/bt/+/d77f1999ecece56c1cbb333f4ddc26f0b5bac2c5
Trust: 1.7
url:http://secunia.com/advisories/69391
Trust: 1.2
url:http://www.securityfocus.com/bid/84270
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0830
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0830
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2016-01545 // 
            
            
            
            VULMON: CVE-2016-0830 // 
            
            
            
            JVNDB: JVNDB-2016-001807 // 
            
            
            
            CNNVD: CNNVD-201603-091 // 
            
            
            
            NVD: CVE-2016-0830

SOURCES
db:CNVDid:CNVD-2016-01545
db:VULMONid:CVE-2016-0830
db:JVNDBid:JVNDB-2016-001807
db:CNNVDid:CNNVD-201603-091
db:NVDid:CVE-2016-0830

LAST UPDATE DATE
2025-04-13T20:46:22.482000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2016-01545date:2016-03-10T00:00:00
db:VULMONid:CVE-2016-0830date:2016-11-28T00:00:00
db:JVNDBid:JVNDB-2016-001807date:2016-03-22T00:00:00
db:CNNVDid:CNNVD-201603-091date:2016-03-14T00:00:00
db:NVDid:CVE-2016-0830date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2016-01545date:2016-03-10T00:00:00
db:VULMONid:CVE-2016-0830date:2016-03-12T00:00:00
db:JVNDBid:JVNDB-2016-001807date:2016-03-22T00:00:00
db:CNNVDid:CNNVD-201603-091date:2016-03-09T00:00:00
db:NVDid:CVE-2016-0830date:2016-03-12T21:59:15.057