Google Inc Android vulnerabilities

CVE-2018-9542 [HIGH] CWE-125 CVE-2018-9542: In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing In avrc_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Andr

CVE-2018-9532 [HIGH] CWE-787 CVE-2018-9532: In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112765917

CVE-2018-9522 [HIGH] CWE-787 CVE-2018-9522: In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Andr

CVE-2018-9527 [HIGH] CWE-787 CVE-2018-9527: In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing boun In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android

CVE-2018-9533 [HIGH] CWE-119 CVE-2018-9533: In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missin In ixheaacd_dec_data_init of ixheaacd_create.c there is a possible out of write read due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112766520

CVE-2018-9535 [HIGH] CWE-787 CVE-2018-9535: In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112858010

CVE-2018-9539 [HIGH] CWE-362 CVE-2018-9539: In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This co In the ClearKey CAS descrambler, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-113027383

CVE-2018-9525 [HIGH] CVE-2018-9525: In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings In the AndroidManifest.xml file defining the SliceBroadcastReceiver handler for com.android.settings.slice.action.WIFI_CHANGED, there is a possible permissions bypass due to a confused deputy. This could lead to local escalation of privilege, allowing a local attacker to change device settings, with no additional execution privileges needed. User interaction is

CVE-2018-9530 [HIGH] CWE-787 CVE-2018-9530: In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-112609715

CVE-2018-9524 [HIGH] CWE-1021 CVE-2018-9524: In functionality implemented in System UI, there are insufficient protections implemented around ove In functionality implemented in System UI, there are insufficient protections implemented around overlay windows. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Andro

CVE-2018-9540 [HIGH] CWE-125 CVE-2018-9540: In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible out of bounds read due to a miss In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-

CVE-2018-9545 [HIGH] CWE-787 CVE-2018-9545: In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bound In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113111784

CVE-2018-9541 [HIGH] CWE-125 CVE-2018-9541: In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of-bounds read due to a missing In avrc_pars_vendor_rsp of avcr_pars_ct.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 And

CVE-2018-9521 [HIGH] CWE-787 CVE-2018-9521: In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an inco In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331

CVE-2018-9523 [HIGH] CWE-20 CVE-2018-9523: In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization In Parcel.writeMapInternal of Parcel.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2

CVE-2018-9544 [MEDIUM] CWE-125 CVE-2018-9544: In register_app of btif_hd.cc, there is a possible out-of-bounds read due to a missing bounds check. In register_app of btif_hd.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113037220

CVE-2018-9457 [MEDIUM] CWE-862 CVE-2018-9457: In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve contact In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve contact information due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Andro

CVE-2018-9543 [MEDIUM] CWE-200 CVE-2018-9543: In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a In trim_device of f2fs_format_utils.c, it is possible that the data partition is not wiped during a factory reset. This could lead to local information disclosure after factory reset with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Androi

CVE-2018-9347 [MEDIUM] CWE-20 CVE-2018-9347: In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infi In function SMF_ParseMetaEvent of file eas_smf.c there is incorrect input validation causing an infinite loop. This could lead to a remote temporary DoS with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Andro

CVE-2018-9356 [CRITICAL] CWE-415 CVE-2018-9356: In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. Thi In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1