Kernel Memory Access Vulnerability in Android by Google
CVE-2018-9401
7.8HIGH
Summary
A vulnerability exists in several versions of Android that allows potential access to kernel memory from user space due to an incorrect bounds check. This oversight could be exploited to achieve local privilege escalation without requiring additional execution permissions, making it a significant security risk. User interaction is not necessary for this vulnerability to be exploited, which increases the likelihood of its impact on affected systems.
Affected Version(s)
Android Android Kernel
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published