CVE-2018-9594

Summary

In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116791157.

Affected Software

VendorProductVersion RangeStatus
*** n/a ***AndroidAndroid-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References