216.73.217.86

CVE-2018-9365

· Published 19/11/2024 21:15 · Modified 18/12/2024 14:20

Labels: CVE-2018-9365 2024-11-19CVE-2018-9365CWE-125[email protected]

Essential information

Published
19/11/2024 21:15
Modified
18/12/2024 14:20
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS metrics

Description

In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

NVD status

Status
Analyzed — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
google / android cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
google / android cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*

References