Out of Bounds Read Vulnerability in Android NFC (CVE-2019-9506)

Out of Bounds Read Vulnerability in Android NFC (CVE-2019-9506)

CVE-2018-9594 · LOW Severity

AV:A/AC:L/AU:N/C:P/I:N/A:N

In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-116791157.

Learn more about our Cis Benchmark Audit For Google Android.