In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Dec 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* |
Tue, 03 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Google
Google android Google pixel |
|
Weaknesses | CWE-120 | |
CPEs | cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:* cpe:2.3:o:google:android:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Google
Google android Google pixel |
|
Metrics |
cvssV3_1
|
Mon, 02 Dec 2024 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2024-12-02T21:23:20.707Z
Updated: 2024-12-03T15:12:16.153Z
Reserved: 2018-04-05T00:00:00.000Z
Link: CVE-2018-9418
Vulnrichment
Updated: 2024-12-03T15:10:17.920Z
NVD
Status : Analyzed
Published: 2024-12-02T22:15:08.727
Modified: 2024-12-18T19:26:14.133
Link: CVE-2018-9418
Redhat
No data.