CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9361
https://notcve.org/view.php?id=CVE-2018-9361
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74202041. En process_l2cap_cmd de l2c_main.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de límites. • http://www.securityfocus.com/bid/104461 https://source.android.com/security/bulletin/2018-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9446
https://notcve.org/view.php?id=CVE-2018-9446
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80145946. En smp_br_state_machine_event de smp_br_main.cc, hay una posible escritura fuera de límites debido a la corrupción de memoria. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9358
https://notcve.org/view.php?id=CVE-2018-9358
In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-73172115. En gatts_process_attribute_req de gatt_sc.cc, hay una posible lectura de datos no inicializados debido a la falta de una comprobación de límites. • http://www.securityfocus.com/bid/104461 https://source.android.com/security/bulletin/2018-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9357
https://notcve.org/view.php?id=CVE-2018-9357
In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856. En BNEP_Write de bnep_api.cc, hay una posible escritura fuera de límites debido a una comprobación de límites incorrecta. • http://www.securityfocus.com/bid/104461 https://source.android.com/security/bulletin/2018-06-01 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9362
https://notcve.org/view.php?id=CVE-2018-9362
In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-72298611. En processMessagePart de InboundSmsHandler.java, hay una posible denegación de servicio (DoS) remota debido a la validación de entradas incorrecta. • http://www.securityfocus.com/bid/104461 https://source.android.com/security/bulletin/2018-06-01 • CWE-20: Improper Input Validation •