2 matches found
CVE-2017-13288
In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch. This could lead to a local escalation of privilege where the user can start an activity with system privileges, with no additional execution privileges needed. User...
CVE-2017-13288
CVE-2017-13288 affects Android 8.0 and 8.1, with a vulnerability in writeToParcel/readFromParcel of the PeriodicAdvertisingReport.java file caused by a 64/32-bit int mismatch. This leads to a permission bypass and potential local elevation of privilege by starting an activity with system privileg...