CVE-2018-9593

2019-02-1200:00:00

google_android

www.cve.org

AI Score

Confidence

High

EPSS

0.001

Percentile

18.3%

JSON

In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116722267.

CNA Affected

[
  {
    "product": "Android",
    "vendor": "Android",
    "versions": [
      {
        "status": "affected",
        "version": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9"
      }
    ]
  }
]

References

www.securityfocus.com/bid/106495

source.android.com/security/bulletin/2019-01-01.html