CVE-2018-9395

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 4, 2024
Updated: Dec 18, 2024
CWE ID 787

Summary

CVE-2018-9395 is a vulnerability affecting the mtk_cfg80211_vendor_packet_keep_Alive_start and mtk_cfg80211_vendor_set_config functions in the drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c file. The issue involves a missing bounds check, which could result in an out-of-bounds (OOB) write. Successful exploitation of this vulnerability could lead to local privilege escalation, granting attackers System execution privileges without the need for user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share