CVE-2018-9357

CVE numbers: CVE-2018-9357 [Bulletin-CVE-2018-9357]
Coordinated disclosure?: unknown
Categories: System
Details: In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856. [NIST-CVE-2018-9357]
Discovered by: Jianjun Dai (@Jioun_dai) and Guang Gong (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd [Discovery-CVE-2018-9357] on: Unknown
Reported on: 2018-06-01 [Bulletin-CVE-2018-9357]
Fixed on: 2018-04-11 [A-74947856]
Fix released on: 2018-06-05 [Bulletin-CVE-2018-9357]
Affected versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 [Bulletin-CVE-2018-9357] regex: (6.0.[0-9])|(6.0.1)|(7.0.[0-9])|(7.1.1)|(7.1.2)|(8.0.[0-9])|(8.1.[0-9])
Affected devices:
Affected manufacturers: all [Bulletin-CVE-2018-9357]
Fixed versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1 [Bulletin-CVE-2018-9357]
Submission: by: Daniel Carter, on: 2019-07-25

AndroidVulnerabilities.org