{ "dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": { "cveId": "CVE-2018-9390", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2018-04-05T00:00:00.000Z", "datePublished": "2024-12-05T22:23:33.742Z", "dateUpdated": "2024-12-06T16:34:19.189Z" }, "containers": { "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [ { "status": "affected", "version": "Kernel" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In procfile_write of gl_proc.c, there is a possible out of bounds read of a
function pointer due to an incorrect bounds check. This could lead to local
escalation of privilege with System execution privileges needed. User
interaction is not needed for exploitation." } ], "value": "In procfile_write of gl_proc.c, there is a possible out of bounds read of a\n function pointer due to an incorrect bounds check. This could lead to local\n escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation." } ], "providerMetadata": { "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2024-12-05T22:23:33.742Z" }, "references": [ { "url": "https://source.android.com/security/bulletin/pixel/2018-06-01" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.2.0" } }, "adp": [ { "problemTypes": [ { "descriptions": [ { "type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read" } ] } ], "affected": [ { "vendor": "google", "product": "android", "cpes": [ "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "versions": [ { "version": "kernel", "status": "affected" } ] } ], "metrics": [ { "cvssV3_1": { "scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH" } }, { "other": { "type": "ssvc", "content": { "timestamp": "2024-12-06T16:30:33.536546Z", "id": "CVE-2018-9390", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-06T16:34:19.189Z" } } ] } }