CVE-2018-9381 – This vulnerability in Android's Bluetooth GATT ... (How to Fix)

Q: What is the severity of CVE-2018-9381?

CVE-2018-9381 has a CVSS score of 7.5 (HIGH). This vulnerability in Android's Bluetooth GATT server allows remote attackers to read uninitialized memory from affected devices without user interaction. It affects Android devices running vulnerable versions, potentially exposing sensitive information from device memory to nearby Bluetooth-enabled attackers.

📋 TL;DR

This vulnerability in Android's Bluetooth GATT server allows remote attackers to read uninitialized memory from affected devices without user interaction. It affects Android devices running vulnerable versions, potentially exposing sensitive information from device memory to nearby Bluetooth-enabled attackers.

💻 Affected Systems

Products:

Android

Versions: Android 8.0 and 8.1

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices with Bluetooth enabled. Pixel devices specifically mentioned in bulletin.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker could read sensitive data from device memory including authentication tokens, encryption keys, or personal information without any user interaction.

🟠

Likely Case

Nearby attacker with Bluetooth access could read random memory contents, potentially exposing some device information or application data.

🟢

If Mitigated

With proper Bluetooth security controls and updated devices, risk is minimal as the vulnerability requires Bluetooth to be enabled and attackers to be in proximity.

🌐 Internet-Facing: LOW - This is a Bluetooth vulnerability requiring proximity, not internet-facing.

🏢 Internal Only: MEDIUM - Within Bluetooth range, attackers could exploit this without authentication.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires Bluetooth proximity and knowledge of Bluetooth Low Energy protocols.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level 2018-06-05 or later

Vendor Advisory: https://source.android.com/docs/security/bulletin/pixel/2018-06-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > Advanced > System update. 2. Install the June 2018 security patch or later. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable Bluetooth when not in use

Android

Turn off Bluetooth to prevent exploitation as the vulnerability requires Bluetooth to be active.

adb shell settings put global bluetooth_on 0
Or manually disable in Settings > Connected devices > Connection preferences > Bluetooth

🧯 If You Can't Patch

Disable Bluetooth completely on affected devices
Restrict Bluetooth usage to trusted, controlled environments only

🔍 How to Verify

Check if Vulnerable:

Check Android version and security patch level in Settings > About phone > Android version > Security patch level. If before June 2018 and running Android 8.0/8.1, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Security patch level shows 2018-06-05 or later in Settings > About phone.

📡 Detection & Monitoring

Log Indicators:

Unusual Bluetooth GATT read requests
Bluetooth stack crashes or anomalies

Network Indicators:

Suspicious Bluetooth Low Energy traffic patterns
Multiple GATT read_by_type requests from unknown devices

SIEM Query:

bluetooth AND (gatt OR "read_by_type") AND anomaly

📊 Metadata

CVE ID: CVE-2018-9381

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-908

Published: December 2, 2024

Last Updated: December 18, 2024

🔗 References

https://source.android.com/docs/security/bulletin/pixel/2018-06-01 Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-9381, you might also want to check these: