In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
References
| Link | Resource |
|---|---|
| https://source.android.com/docs/security/bulletin/pixel/2018-07-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
17 Jun 2026, 02:06
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (es) En prop2cfg de btif_storage.cc, existe una posible escritura fuera de límites debido a una comprobación de límites incorrecta. Esto podría llevar a la ejecución remota de código sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. |
18 Dec 2024, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:* |
|
| CWE | CWE-787 | |
| References | () https://source.android.com/docs/security/bulletin/pixel/2018-07-01 - Patch, Vendor Advisory | |
| First Time |
Google
Google android |
03 Dec 2024, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| Summary |
|
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
02 Dec 2024, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-12-02 22:15
Updated : 2026-06-17 02:06
NVD link : CVE-2018-9430
Mitre link : CVE-2018-9430
CVE.ORG link : CVE-2018-9430
JSON object : View
Products Affected
- android
