Lucene search

[email protected]NVD:CVE-2018-9511

HistoryOct 02, 2018 - 7:29 p.m.

CVE-2018-9511

2018-10-0219:29:13

CWE-909

[email protected]

web.nvd.nist.gov

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

5.1%

JSON

In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288

Affected configurations

Nvd

Node

googleandroidMatch9.0

VendorProductVersionCPE
googleandroid9.0cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	9.0	cpe:2.3:o:google:android:9.0:::::::*

References

www.securityfocus.com/bid/105482

android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe

source.android.com/security/bulletin/2018-10-01

source.android.com/security/bulletin/2018-10-01%2C

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2018-9511

prion1 cve1 cvelist1