CVE-2018-9547
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In unflatten of GraphicBuffer.cpp, there is a possible bad fd close due to improper input validation. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.1 Android-9. Android ID: A-114223584.
En unflatten de GraphicBuffer.cpp, hay un posible cierre erróneo de fd debido a la validación de entradas incorrecta. Esto podría llevar a un escalado de privilegios local en el servidor del sistema sin necesitar privilegios de ejecución adicionales. No se necesita interacción del usuario para explotarlo. Producto: Android. Versiones: Android-8.1 Android-9. Android ID: A-114223584.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-04-05 CVE Reserved
- 2018-12-06 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/106067 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://source.android.com/security/bulletin/2018-12-01 | 2019-11-13 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 8.1 Search vendor "Google" for product "Android" and version "8.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Android Search vendor "Google" for product "Android" | 9.0 Search vendor "Google" for product "Android" and version "9.0" | - |
Affected
|