CVE-2018-9428

CVSS 3.1 Score 8.4 of 10 (high)

Details

Published Nov 19, 2024
Updated: Nov 21, 2024
CWE ID 787

Summary

CVE-2018-9428 is a vulnerability affecting the Android operating system. In the file AAudioServiceStreamBase.cpp, there is a use-after-free condition in the 'startDevice' function. This issue results in a possible out-of-bounds write, which could be exploited to execute arbitrary code locally. No additional privileges are required for the exploitation, but user interaction is needed to trigger the vulnerability. (Source: Android Security Bulletin, July 2018)

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share