CVE-2018-9572

2018-12-0723:00:00

google_android

www.cve.org

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

43.1%

JSON

In impd_drc_parse_coeff of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116224432.

References

source.android.com/security/bulletin/2018-11-01