In bta_hd_get_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.
References
| Link | Resource |
|---|---|
| https://source.android.com/security/bulletin/2018-09-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
17 Jun 2026, 02:06
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (es) En bta_hd_get_report_act de bta_hd_act.cc, hay una posible lectura fuera de límites debido a una validación de entrada incorrecta. Esto podría llevar a una revelación de información remota en el servicio Bluetooth sin necesidad de privilegios de ejecución adicionales. No se necesita interacción del usuario para la explotación. |
18 Dec 2024, 19:02
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Google
Google android |
|
| References | () https://source.android.com/security/bulletin/2018-09-01 - Patch, Vendor Advisory | |
| CPE | cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:* |
|
| Summary |
|
20 Nov 2024, 19:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
| CWE | CWE-125 |
20 Nov 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-20 18:15
Updated : 2026-06-17 02:06
NVD link : CVE-2018-9480
Mitre link : CVE-2018-9480
CVE.ORG link : CVE-2018-9480
JSON object : View
Products Affected
- android
CWE
CWE-125
Out-of-bounds Read
