Potential Out-of-Bounds Write in cmd_flash_mmc_sparse_img Could Lead to Local Escalation of Privilege
CVE-2018-9372

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 19 November 2024

What is CVE-2018-9372?

A reported vulnerability exists within the Android bootloader related to an out of bounds write in the cmd_flash_mmc_sparse_img function of dl_commands.c. This issue arises from a failure to enforce bounds checks adequately, which could allow for local escalation of privilege. The exploitation of this vulnerability does not require additional execution privileges or user interaction, thereby increasing the risk of unauthorized access to system resources.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Android SoCVersion

References

https://source.android.com/security/bulletin/2018-06-01

Timeline

Vulnerability published
Nov 19, 2024
Vulnerability Reserved
Apr 5, 2018

JSON

Google

What is CVE-2018-9372?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.