CVE-2018-9340

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 19, 2024

Updated: Nov 22, 2024

CWE ID 125

CWE ID 787

Summary

CVE-2018-9340 is a vulnerability affecting the ResourceTypes.cpp file in ResStringPool::setTo function. An attacker can manipulate the value of mStringPoolSize, leading to out-of-bounds behavior and disclosing sensitive information. This issue poses a potential risk for information leakage. The vulnerability is located in the handling of string pool sizes and could be exploited through a crafted input. It is recommended that affected systems be updated to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/WIR8j6
https://www.cve.org/CVERecord?id=CVE-2018-9340
https://nvd.nist.gov/vuln/detail/CVE-2018-9340

Back to Vulnerability Database