Out-of-bounds

2018-11-0617:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.0%

JSON

In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-73172115.

CPENameOperatorVersion
androideq7.1.2
androideq6.0.1
androideq6.0
androideq7.0
androideq8.0
androideq7.1.1
androideq8.1

Name	Operator	Version
android	eq	7.1.2
android	eq	6.0.1
android	eq	6.0
android	eq	7.0
android	eq	8.0
android	eq	7.1.1
android	eq	8.1

References

www.securityfocus.com/bid/104461

source.android.com/security/bulletin/2018-06-01