Out of Bounds Write Vulnerability in Android System Agent
CVE-2018-9405

Currently unrated

Key Information:

Vendor: Google
Status: Android System
Vendor: CVE Published:; 18 January 2025

Summary

In the BnDmAgent::onTransact function within dm_agent.cpp, an out of bounds write occurs due to a missing bounds check. This vulnerability enables a local attacker to escalate privileges to System execution privileges without requiring user interaction, potentially compromising the security of the affected Android system.

References

https://source.android.com/security/bulletin/pixel/2018-0...

Timeline

Vulnerability published
Jan 18, 2025