CVE-2020-0022 PoC — Android Buffer Error Vulnerability

Associated Vulnerability
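Title: Android Buffer Error Vulnerability (CVE-2020-0022)
Description: Android is a Linux-based open-source operating system from Google (USA) and the Open Handset Alliance (OHA). The 'reassemble_and_dispatch' function in the packet_fragmenter.cc file in Android has a buffer error vulnerability, which stems from an incorrect bounds calculation. A remote attacker can exploit this vulnerability to execute code. The following products and versions are affected: Android 8.0, 8.1, 9, and 10.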
Description
cve-2020-0022
Readme
# cve-2020-0022

poc for cve-2020-0022

## usage 

`gcc poc.c -lbluetooth -o poc`

`poc MAC_ADDR`

## info

- This PoC should be stable on Android 8.1.0: once it runs into truncating the packet, a crash follows. But it could be very unstable; on the Samsung S9 Plus it is surely unstable.
- Running the PoC on a Raspberry Pi 3B has been tested and works.
- Running Ubuntu/Arch with VMware in Windows 10 on a ThinkPad X1C 2018, or Ubuntu with pd in Mac OS X, could not run into the truncating code; don't know why.

## Test List
- OnePlus 5T with Android 8.1.0: stable.
- Samsung s9 plus with Android 9.0: unstable.
- Nova 3 with Android 9: stable.
File Snapshot

[4.0K] /data/pocs/99e746204aeee3f6ea72f7c1e0e4668b7172a3ba
├── [ 129] Makefile
├── [4.0K] poc.c
└── [ 596] README.md

0 directories, 3 files