CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9502
https://notcve.org/view.php?id=CVE-2018-9502
In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111936792 En rfc_process_mx_message de rfc_ts_frames.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de límites. Esto podría llevar a una divulgación de información remota en el servicio Bluetooth sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105482 https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf https://android.googlesource.com/platform/system/bt/+/92a7bf8c44a236607c146240f3c0adc1ae01fedf%2C https://android.googlesource.com/platform/system/bt/+/9fe27a9b445f7e911286ed31c1087ceac567736b https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85 https://android.googlesource.com/platform/system/bt/+/d4a34fefbf292d1e02336e4e272da3ef1e3eef85%2C https://source.android.com/securi • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9509
https://notcve.org/view.php?id=CVE-2018-9509
In smp_proc_master_id of smp_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111937027 En smp_proc_master_id de smp_act.cc, hay una posible lectura fuera de límites debido a la falta de una comprobación de límites. Esto podría llevar a una divulgación remota de información por Buetooth sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105482 https://android.googlesource.com/platform/system/bt/+/198888b8e0163bab7a417161c63e483804ae8e31 https://source.android.com/security/bulletin/2018-10-01 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9497
https://notcve.org/view.php?id=CVE-2018-9497
In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-74078669 En impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 de impeg2_format_conv.s, hay una posible escritura fuera de límites debido a la falta de una comprobación de límites. Esto podría llevar a la ejecución remota de código sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105481 https://android.googlesource.com/platform/external/libmpeg2/+/bef16671c891e16f25a7b174bc528eea109357be https://source.android.com/security/bulletin/2018-10-01 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-9504
https://notcve.org/view.php?id=CVE-2018-9504
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-110216176 En sdp_copy_raw_data de sdp_discovery.cc, hay una posible escritura fuera de límites debido a una comprobación de límites incorrecta. Esto podría llevar a la ejecución remota de código por Bluetooth sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105482 https://android.googlesource.com/platform/system/bt/+/11fb7aa03437eccac98d90ca2de1730a02a515e2 https://source.android.com/security/bulletin/2018-10-01 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-9498
https://notcve.org/view.php?id=CVE-2018-9498
In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855 En SkSampler::Fill de SkSampler.cpp, hay una posible escritura fuera de límites debido a un búfer no inicializado. Esto podría llevar a la ejecución remota de código sin necesitar privilegios de ejecución adicionales. • http://www.securityfocus.com/bid/105481 https://android.googlesource.com/platform/external/skia/+/77c955200ddd1761d6ed7a6c1578349fedbb55e4 https://source.android.com/security/bulletin/2018-10-01 https://source.android.com/security/bulletin/2018-10-01%2C • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •