Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-9481

In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Published

2024-11-20T18:15:19.940

Last Modified

2024-12-18T18:49:52.937

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-190
Type: Secondary
CWE-125
CWE-190

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	google	android	8.0	Yes
Operating System	google	android	8.1	Yes
Operating System	google	android	9.0	Yes
Application	apache	traffic_server	≤ 6.2.3	Yes
Application	apache	traffic_server	< 7.1.10	Yes
Application	apache	traffic_server	< 8.0.7	Yes

References

https://lists.apache.org/thread.html/rcb8bae0b289d71d18a3220be256c1dfcc4d9ab49d2d6e07d1eac7c9d@%3Cdev.trafficserver.apache.org%3E Mailing List ([email protected])