Address Space Layout Randomization Bypass in Android Products by Google
CVE-2018-9434

Currently unrated

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 17 January 2025

Summary

A vulnerability within the Parcel.cpp functions of Android could allow an attacker to bypass address space layout randomization (ASLR). This weakness may enable local escalation of privileges without the need for additional execution privileges or user interaction. This could potentially result in unauthorized access to sensitive system resources by manipulating the memory layout, posing a significant risk to the integrity of Android devices.

References

https://source.android.com/security/bulletin/pixel/2018-0...

Timeline

Vulnerability published
Jan 17, 2025