CVE-2018-9479 Information

Description

In process_service_attr_req and process_service_search_attr_req of sdp_server.cc there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed.  User interaction is not needed for exploitation.

Reference

https://source.android.com/security/bulletin/2018-09-01