Google Inc Android vulnerabilities

CVE-2018-9415 [HIGH] CWE-415 CVE-2018-9415: In driver_override_store and driver_override_show of bus.c, there is a possible double free due to i In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.

CVE-2018-9362 [HIGH] CWE-20 CVE-2018-9362: In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-

CVE-2018-9438 [MEDIUM] CVE-2018-9438: When a device connects only over WiFi VPN, the device may not receive security updates due to some i When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of security updates with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android ID: A-78644887.

CVE-2018-9437 [MEDIUM] CWE-125 CVE-2018-9437: In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This c In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Andro

CVE-2018-9454 [MEDIUM] CWE-125 CVE-2018-9454: In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds che In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0

CVE-2018-9451 [MEDIUM] CWE-125 CVE-2018-9451: In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missi In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.

CVE-2018-9453 [MEDIUM] CWE-125 CVE-2018-9453: In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds c In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8

CVE-2018-9444 [MEDIUM] CWE-835 CVE-2018-9444: In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite lo In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Androi

CVE-2018-9445 [MEDIUM] CWE-22 CVE-2018-9445: In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-

CVE-2018-9476 [CRITICAL] CWE-416 CVE-2018-9476: In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper loc In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-10969911

CVE-2018-9501 [HIGH] CVE-2018-9501: In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. In the SetupWizard, there is a possible Factory Reset Protection bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A

CVE-2018-9503 [HIGH] CWE-125 CVE-2018-9503: In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missi In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 A

CVE-2018-9498 [HIGH] CWE-190 CVE-2018-9498: In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overf In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855

CVE-2018-9497 [HIGH] CWE-787 CVE-2018-9497: In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bou In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 And

CVE-2018-9514 [HIGH] CWE-416 CVE-2018-9514: In sdcardfs_open of file.c, there is a possible Use After Free due to an unusual root cause. This co In sdcardfs_open of file.c, there is a possible Use After Free due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111642636 References: N/A

CVE-2018-9515 [HIGH] CWE-119 CVE-2018-9515: In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to impro In sdcardfs_create and sdcardfs_mkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111641492 References: N/A

CVE-2018-9504 [HIGH] CWE-787 CVE-2018-9504: In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrec In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android

CVE-2018-9490 [HIGH] CWE-704 CVE-2018-9490: In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type co In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0

CVE-2018-9491 [HIGH] CWE-190 CVE-2018-9491: In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Androi

CVE-2018-9496 [HIGH] CWE-787 CVE-2018-9496: In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924