CVE-2018-9351

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 27, 2024
Updated: Nov 29, 2024
CWE ID 125

Summary

CVE-2018-9351 is a vulnerability affecting the ih264e_fmt_conv.c file in the Ih264e library. The issue involves a missing bounds check in the ih264e_fmt_conv_420p_to_420sp function, which could result in an out-of-bound read. An attacker can exploit this vulnerability to trigger a remote denial-of-service (DoS) attack without requiring additional execution privileges. User interaction is necessary for an exploit to occur.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share