CVE-2018-9439 β€” Use After Free in Google Android

CWE-416 β€” Use After Free2 documents2 sources
Severity
6.7MEDIUMNVD
EPSS
0.0%
top 93.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedDec 5

Description

In __unregister_prot_hook and packet_release of af_packet.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages1 packages

β–ΆCVEListV5google/androidKernel

πŸ”΄Vulnerability Details

1
GHSA
GHSA-ccc5-2pmp-ch3g: In __unregister_prot_hook and packet_release of af_packet↗2024-12-05
β–Ά
CVE-2018-9439 β€” Use After Free in Google Android | cvebase