[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-9508Date: (C)2018-10-04   (M)2023-12-22


In smp_process_keypress_notification of smp_act.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-111936834

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.5CVSS Score : 6.1
Exploit Score: 2.8Exploit Score: 6.5
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector: ADJACENT_NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
BID-105482
https://android.googlesource.com/platform/system/bt/+/e8bbf5b0889790cf8616f4004867f0ff656f0551
https://source.android.com/security/bulletin/2018-10-01
https://source.android.com/security/bulletin/2018-10-01%2C

CPE    4
cpe:/o:google:android:7.0
cpe:/o:google:android:8.0
cpe:/o:google:android:7.1.2
cpe:/o:google:android:7.1.1
...
CWE    1
CWE-125

© SecPod Technologies