CVE-2018-9428
CVSS 3.1 Score 8.4 of 10 (high)
Details
Published Nov 19, 2024
Updated: Nov 21, 2024
CWE ID 787
Summary
CVE-2018-9428 is a vulnerability affecting the Android operating system. In the file AAudioServiceStreamBase.cpp, there is a use-after-free condition in the 'startDevice' function. This issue results in a possible out-of-bounds write, which could be exploited to execute arbitrary code locally. No additional privileges are required for the exploitation, but user interaction is needed to trigger the vulnerability. (Source: Android Security Bulletin, July 2018)
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android