Home

Description

In process_service_search_attr_rsp of sdp_discovery.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

PUBLISHED Reserved 2018-04-05 | Published 2024-12-03 | Updated 2024-12-03 | Assigner google_android

Product status

Default status
unaffected

6
affected

6.0.1
affected

7
affected

7.1.1
affected

7.1.2
affected

8
affected

8.1
affected

References

source.android.com/docs/security/bulletin/pixel/2018-08-01

cve.org (CVE-2018-9449)

nvd.nist.gov (CVE-2018-9449)

Download JSON