Heap Overflow Vulnerability in Android's mnh-sm.c Component

CVE-2018-9387

Summary

A vulnerability exists within multiple functions of the mnh-sm.c component of Android, where an integer overflow can lead to a heap overflow condition. This flaw can potentially allow an attacker to escalate privileges locally without requiring additional execution privileges. Notably, user interaction is not necessary for the exploitation of this vulnerability, making it particularly concerning for system security.

References