CVE-2018-9344

HIGH

Android - Use-After-Free in DescramblerImpl.cpp

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-9344. PoCs published by codecat007.

AI-analyzed exploit summary: This repository contains functional exploit code for multiple Android Bluetooth vulnerabilities, including CVE-2018-9344. The PoC for CVE-2017-13281 demonstrates a vulnerability in the Bluedroid stack by replacing the avrcp.c file and compiling it to trigger the exploit during Bluetooth pairing.

Description

In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploits (1)

GitHub · Working PoC · 8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/securityPatch/CVE-2018-9344

Classification
Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Android Bluedroid Bluetooth stack (versions affected by CVE-2018-9344 and related CVEs)
No auth needed
Prerequisites: Access to the target device's Bluetooth interface · Ability to compile and replace the avrcp.c file in the Bluedroid stack · Physical proximity for Bluetooth pairing
devstral-2 · analyzed Feb 27, 2026

Scores

CVSS v3: 7.8
EPSS: 0.0004
EPSS Percentile: 11.7%
Attack Vector: LOCAL
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-667, CWE-416
Status: published
Products (1): google/android 8.1
Published: Nov 19, 2024
Tracked Since: Feb 18, 2026