CVE-2018-9404 — Integer Overflow or Wraparound in Google Android
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 96.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 5
Description
In oemCallback of ril.cpp, there is a possible out of bounds write due to an
integer overflow. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not needed for
exploitation.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9