11 matches found
CVE-2024-34722
In smpprocrand of smpact.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Out-of-bounds
In smpprocsecreq of smpact.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0045
In smpprocsecreq of smpact.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0045
CVE-2024-0045: A vulnerability exists in the smp_proc_sec_req function of smp_act.cc that can trigger an out-of-bounds read due to improper input validation. This may allow remote information disclosure without additional execution privileges and without user interaction. Multiple sources (Androi...
Out-of-bounds
In smpprocesskeypressnotification of smpact.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...
Out-of-bounds
In smpprocmasterid of smpact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2018-9508
In smpprocesskeypressnotification of smpact.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...
CVE-2018-9509
In smpprocmasterid of smpact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2018-9510
In smpprocencinfo of smpact.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
CVE-2018-9509
CVE-2018-9509 affects Android devices with Bluetooth stack exposure. The issue is an out-of-bounds read in smp_proc_master_id of smp_act.cc due to a missing bounds check, which could allow remote information disclosure without extra privileges and without user interaction. Affected products/versi...
CVE-2018-9508
CVE-2018-9508 describes an out-of-bounds read in Bluetooth handling (smp_process_keypress_notification in smp_act.cc) that could lead to remote information disclosure without user interaction. Affected platforms include Android 7.0–8.1. The NVD notes a CVSSv3 base score of 6.5 (Attack vector: Adj...