CVE-2018-9391
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Published Dec 5, 2024
Updated: Dec 19, 2024
CWE ID 787
Summary
CVE-2018-9391 is a vulnerability affecting the Mediatek GPS driver's update_gps_sv and output_vzw_debug functions in the gpshal_wor.c file. The issue stems from a missing bounds check, which creates an opportunity for a possible out-of-bounds write. Successful exploitation of this vulnerability could result in local privilege escalation, granting attackers System execution privileges without requiring user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android