In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGoogle Android
OSGoogle10.08.08.19.0Huawei Honor 8a
HWHuaweiwszystkie wersjeHuawei Honor 8a Firmware
OSHuawei< 9.1.0.291\(c185e3r4p1\)Huawei Honor 8x
HWHuaweiwszystkie wersjeHuawei Honor 8x Firmware
OSHuawei< 10.0.0.183\(c185e2r6p1\)Huawei Honor View 20
HWHuaweiwszystkie wersjeHuawei Honor View 20 Firmware
OSHuawei< 10.0.0.195\(c636e3r4p3\)Huawei Mate 20
HWHuaweiwszystkie wersjeHuawei Mate 20 Firmware
OSHuawei< 10.0.0.195\(c00e74r3p8\)Huawei Mate 20 Pro
HWHuaweiwszystkie wersjeHuawei Mate 20 Pro Firmware
OSHuawei< 10.0.0.196\(c185e7r2p4\)Huawei Mate 20 X
HWHuaweiwszystkie wersjeHuawei Mate 20 X Firmware
OSHuawei< 10.0.0.195\(c00e74r2p8\)Huawei Mate 30
HWHuaweiwszystkie wersjeHuawei Mate 30 5g
HWHuaweiwszystkie wersjeHuawei Mate 30 5g Firmware
OSHuawei< 10.0.0.203\(c00e202r7p2\)Huawei Mate 30 Firmware
OSHuawei< 10.0.0.203\(c00e202r7p2\)Huawei Mate 30 Pro
HWHuaweiwszystkie wersjeHuawei Mate 30 Pro 5g
HWHuaweiwszystkie wersjeHuawei Mate 30 Pro 5g Firmware
OSHuawei< 10.0.0.203\(c00e202r7p2\)Huawei Mate 30 Pro Firmware
OSHuawei< 10.0.0.203\(c00e202r7p2\)Huawei Nova 3
HWHuaweiwszystkie wersjeHuawei Nova 3 Firmware
OSHuawei< 9.1.0.338\(c00e333r1p1t8\)Huawei Nova Lite 3
HWHuaweiwszystkie wersjeHuawei Nova Lite 3 Firmware
OSHuawei< 9.1.0.322\(c635e8r2p2\)Huawei P20
HWHuaweiwszystkie wersjeHuawei P20 Firmware
OSHuawei< 10.0.0.162\(c00e156r1p4\)Huawei P20 Pro
HWHuaweiwszystkie wersjeHuawei P20 Pro Firmware
OSHuawei< 10.0.0.162\(c00e156r1p4\)Huawei P30
HWHuaweiwszystkie wersje
Related vulnerabilities
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who ha...
Adobe Flash Player 21.0.0.197 and earlier allows remote attackers to cause a denial of service (application cr...
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.4...
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed ...