CVE-2018-9395
CVSS 3.1 Score 6.7 of 10 (medium)
Details
Published Dec 4, 2024
Updated: Dec 18, 2024
CWE ID 787
Summary
CVE-2018-9395 is a vulnerability affecting the mtk_cfg80211_vendor_packet_keep_Alive_start and mtk_cfg80211_vendor_set_config functions in the drivers/misc/mediatek/connectivity/wlan/gen2/os/linux/gl_vendor.c file. The issue involves a missing bounds check, which could result in an out-of-bounds (OOB) write. Successful exploitation of this vulnerability could lead to local privilege escalation, granting attackers System execution privileges without the need for user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android