CVE-2018-9432 Information

Description

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user’s ability to disable access to contacts with no additional execution privileges needed. User interaction is needed for exploitation.

Reference

https://source.android.com/security/bulletin/2018-07-01