CVE-2018-9542

Name of the Vulnerable Software and Affected Versions Android versions 7.0 through 9

Description A possible out of bounds read due to a missing bounds check in the avrc pars vendor rsp function of avrc pars ct.cc could lead to remote information disclosure. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations For Android versions 7.0 through 9, apply the necessary patch to fix the missing bounds check in the avrc pars vendor rsp function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.