CVE-2017-13257

Name of the Vulnerable Software and Affected Versions: Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1

Description: The issue is related to a use after free in the bta pan data buf ind cback function of bta pan act.cc, which can cause an out of bounds read of memory allocated via malloc. This could lead to information disclosure without requiring additional execution privileges. User interaction is necessary for exploitation.

Recommendations: For Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1, update to a version that contains the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.