CVE-2020-0022 PoC — Android buffer error vulnerability

Source
Associated Vulnerability
Title: Android buffer error vulnerability (CVE-2020-0022)
Description: In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-143894715
Description
poc for cve-2020-0022
Readme
# cve-2020-0022

poc for cve-2020-0022

## usage 

`gcc poc.c -lbluetooth -o poc`

`poc MAC_ADDR`

## info

- This poc should be stable on Android 8.1.0; once it runs into truncating the packet, it crashes. But it could be very unstable; on Samsung s9 plus it is surely unstable.
- Running the poc on a Raspberry Pi 3B has been tested okay.
- Running Ubuntu/Arch with VMware in Windows 10 on a ThinkPad X1C 2018, or Ubuntu with pd in Mac OS X, could not run into the truncating code; don't know why.

## Test List
- OnePlus 5T with Android 8.1.0: stable.
- Samsung s9 plus with Android 9.0: unstable.
- Nova 3 with Android 9: stable.
File Snapshot

```
[4.0K] /data/pocs/c853b93eb7886fa53ebff575e096029b8e4459c8
├── [ 129] Makefile
├── [4.0K] poc.c
└── [ 596] README.md

0 directories, 3 files
```