CVE-2018-9540
The CVE-2018-9540 issue affects Android’s Bluetooth stack. In avrc_ctrl_pars_vendor_rsp (avrc_pars_ct.c) a missing bounds check allows an out-of-bounds read, enabling remote information disclosure over Bluetooth without user interaction or added privileges. Affected: Android 7.0–9 (Android-7.0, 7...