Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2018-9372

Nov. 19, 2024, 9:56 p.m.

Product(s) Impacted

Android Bootloader

Description

In cmd_flash_mmc_sparse_img of dl_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege in the bootloader with no additional execution privileges needed. User interaction is not needed for exploitation.

Weaknesses

Date

Published: Nov. 19, 2024, 8:15 p.m.

Last Modified: Nov. 19, 2024, 9:56 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@android.com

References

https://source.android.com/ security@android.com