CVE-2018-9433
CVE-2018-9433 affects Android’s Framework via the ArrayConcatVisitor in builtins-array.cc, where improper input validation can cause a type confusion vulnerability. The issue could allow remote code execution without extra privileges, with exploitation requiring user interaction per the primary d...
CVE-2018-9432
CVE-2018-9432 affects Android components in BluetoothPermissionActivity.java (specifically in createPhonebookDialogView and createMapDialogView), where a permissions bypass could allow local elevation of privilege by hiding and bypassing the user’s ability to disable access to contacts. The descr...
CVE-2018-9428
CVE-2018-9428: The issue affects Android’s AAudio service (AAudioServiceStreamBase.cpp, startDevice) and is caused by an out-of-bounds write stemming from a use-after-free. This can lead to local arbitrary code execution with high impact (confidentiality, integrity, and availability) as describe...
CVE-2018-9424
CVE-2018-9424 concerns an out-of-bounds write in CryptoPlugin::decrypt (CryptoPlugin.cpp) that could allow local escalation of privilege with no user interaction. Exploitation details are not provided in the documents; the Android Security Bulletin catalogs this CVE under Media framework issues w...
CVE-2018-9421
CVE-2018-9421 is a local information-disclosure flaw in Android’s Media framework involving Parcel.cpp writeInplace and Binder; uninitialized data could leak across processes. Current documents confirm the issue and indicate it affects Android devices via local access with no user interaction. Th...
CVE-2018-9420
CVE-2018-9420 affects Android’s BnCameraService::onTransact in CameraService.cpp, enabling information disclosure via uninitialized data with local access and no user interaction. The issue is categorized as an Information Disclosure (ID) in the Android 2018-07-01/2018-07-05 patch-level bulletin,...
CVE-2018-9410
CVE-2018-9410 describes an out-of-bounds read in the Android Framework via FontUtils.cpp -> analyzeAxes, causing local information disclosure with no extra privileges and no user interaction. The connected Android bulletin lists CVE-2018-9410 under the Framework section with High severity, not...
CVE-2018-9365
CVE-2018-9365 describes a potential out-of-bounds read in the SMP L2C data path (smp_data_received in smp_l2c.cc) that could lead to remote code execution. Exploitation requires user interaction. Multiple connected sources (RH, NVD, CVE lists, Android bulletin) confirm the issue and its remote-co...
CVE-2018-9409
The CVE-2018-9409 entry affects Android’s Media framework, specifically the HWC (Hardware Composer) path: HWCSession::SetColorModeById in hwc_session.cpp. The root cause is a missing bounds check, leading to a possible out-of-bounds write. This could enable local elevation of privilege with no ad...
CVE-2018-9372
CVE-2018-9372: The issue is in the Android bootloader path (cmd_flash_mmc_sparse_img in dl_commands.c) where there is a possible out-of-bounds write caused by a missing bounds check. This could allow a local escalation of privilege in the bootloader without additional execution privileges and wi...
CVE-2018-9371
CVE-2018-9371 affects the MediaTek Preloader/bootloader. It describes out-of-bounds reads/writes via an exposed interface that permits arbitrary peripheral memory mapping due to insufficient blacklisting/whitelisting. Under the described conditions, this can enable local elevation of privilege wi...
CVE-2018-9370
CVE-2018-9370 affects the MediaTek bootloader in the Android platform, describing a vulnerability in download.c where a special mode allows data to be downloaded into memory with missing bounds checks, leading to possible memory corruption and local escalation of privilege. The exploitation requi...
CVE-2018-9369
CVE-2018-9369 describes a local elevation-of-privilege in the bootloader where a fastboot command allows a user to pass kernel command line arguments. The root cause is the bootloader’s handling of user-supplied kernel parameters, enabling a local attacker to gain higher privileges without additi...
CVE-2018-9368
CVE-2018-9368 affects MediaTek mtksocoaudio (debugfs) in the Android stack. The vulnerability is caused by a missing bounds check combined with weakened SELinux policies in the mtksocoaudio debugfs, enabling an arbitrary kernel memory write. Impact: local privilege escalation to a system/privileged ...
CVE-2018-9367
CVE-2018-9367 describes a potential out-of-bounds write in the MediaTek Cameratool CCAP component (function FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS within Meta_CCAP_Para.cpp). The underlying issue is improper input validation, which could enable local escalation of privilege with no additional exe...
CVE-2018-9366
CVE-2018-9366 affects Google/Android devices with the MediaTek IMSA component. In IMSA_Recv_Thread and VT_IMCB_Thread (IMSAClient.cpp and VideoTelephony.c), an out-of-bounds write due to an integer overflow is described, leading to local escalation of privilege with no user interaction required. ...
CVE-2018-9364
CVE-2018-9364 corresponds to an Elevation of Privilege in the LG LGLAF bootloader component. The connected sources indicate the issue involves a special command that permitted modification of certain partitions, enabling bypass of secure boot. The Red Hat and Android bulletin entries corroborate ...
CVE-2018-9345
CVE-2018-9345 affects Android’s BnAudioPolicyService (AudioPolicyService.cpp). The issue is information disclosure due to uninitialized data, enabling local information disclosure with no extra privileges and no user interaction required. Multiple connected sources confirm the same description. P...
CVE-2018-9344
The CVE-2018-9344 entry describes a use-after-free in DescramblerImpl.cpp caused by improper locking, enabling local privilege escalation with no extra privileges and no user interaction. Connected sources associate this issue with Android’s Media framework and list affected context in the Androi...
CVE-2018-9339
CVE-2018-9339 affects Android’s framework Parcel.java, specifically in the methods writeTypedArrayList/readTypedArrayList, with a root cause of type confusion that enables local privilege escalation. The vulnerability can be exploited with no user interaction and requires local access. Public doc...