In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges…
Link: http://www.security-database.com/detail.php?alert=CVE-2018-9355