CVE-2018-9409

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 19, 2024

Updated: Nov 20, 2024

CWE ID 787

Summary

CVE-2018-9409 is a vulnerability affecting the HWCSession::SetColorModeById function in hwc_session.cpp. This issue involves a missing bounds check, which could result in a possible out-of-bounds write. Successful exploitation of this vulnerability allows for local privilege escalation without requiring any additional execution privileges. User interaction is not necessary for an attacker to leverage this weakness.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/WISrCL
https://www.cve.org/CVERecord?id=CVE-2018-9409
https://nvd.nist.gov/vuln/detail/CVE-2018-9409

Back to Vulnerability Database