QwikSec

Security Database

CVE

CWE

Training

CVE-2018-9507

Published: Oct 2, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

In bta_av_proc_meta_cmd of bta_av_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111893951

Vendor	Product	Versions
Google Inc.	Android	affected `Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0`

References

https://android.googlesource.com/platform/system/bt/+/30cec963095366536ca0b1306089154e09bfe1a9

x_refsource_MISC

vdb-entry

x_refsource_BID

https://source.android.com/security/bulletin/2018-10-01%2C

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.