Mihai Popa

Google researcher
#33313 of 53,640
7.8 total CVSS
Vulnerabilities · 1
PT-2018-1605
7.8
2018-05-09
Google · Android · CVE-2018-9452
**Name of the Vulnerable Software and Affected Versions**

Android versions Android-7.0 through Android-9.0

**Description**

The issue is related to a possible application hang due to a slow width calculation in the `getOffsetForHorizontal` function of `Layout.java`. This could lead to a remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, with no additional execution privileges needed. User interaction is necessary for exploitation. The vulnerability is also associated with incorrect resource cleanup or release, which may allow a remote attacker to cause a denial of service.

**Recommendations**

For Android versions Android-7.0 through Android-9.0, consider restricting the use of the `getOffsetForHorizontal` function in `Layout.java` to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using contacts with many hidden unicode characters in local apps to reduce the likelihood of triggering the issue.