CVE-2018-9416 — Out-of-bounds Write in Google Android
Severity
10.0CRITICALNVD
EPSS
0.0%
top 87.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 5
Description
In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to
an unusual root cause. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not needed for
exploitation.
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H