In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.
CPE | Name | Operator | Version |
---|---|---|---|
platform/system/bt | eq | 10 | |
platform/system/bt | eq | 11 | |
platform/system/bt | eq | 8.1 | |
platform/system/bt | eq | 9 |