CVE-2018-9390
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Published Dec 5, 2024
Updated: Dec 19, 2024
CWE ID 125
Summary
CVE-2018-9390 is a vulnerability affecting a function in gl_proc.c named procfile_write. The issue lies in an incorrect bounds check, resulting in a possible out-of-bounds read of a function pointer. This flaw can lead to local privilege escalation, granting System execution privileges to an attacker without requiring user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android