{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2018-9390","assignerOrgId":"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6","state":"PUBLISHED","assignerShortName":"google_android","dateReserved":"2018-04-05T00:00:00.000Z","datePublished":"2024-12-05T22:23:33.742Z","dateUpdated":"2024-12-06T16:34:19.189Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Android","vendor":"Google","versions":[{"status":"affected","version":"Kernel"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"In procfile_write of gl_proc.c, there is a possible out of  bounds read of a<br>    function pointer due to an incorrect bounds check. This could lead to local<br>    escalation of privilege with System execution privileges needed. User<br>    interaction is not needed for exploitation."}],"value":"In procfile_write of gl_proc.c, there is a possible out of  bounds read of a\n    function pointer due to an incorrect bounds check. This could lead to local\n    escalation of privilege with System execution privileges needed. User\n    interaction is not needed for exploitation."}],"providerMetadata":{"orgId":"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6","shortName":"google_android","dateUpdated":"2024-12-05T22:23:33.742Z"},"references":[{"url":"https://source.android.com/security/bulletin/pixel/2018-06-01"}],"source":{"discovery":"UNKNOWN"},"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-125","lang":"en","description":"CWE-125 Out-of-bounds Read"}]}],"affected":[{"vendor":"google","product":"android","cpes":["cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"kernel","status":"affected"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.7,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"HIGH","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-12-06T16:30:33.536546Z","id":"CVE-2018-9390","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-12-06T16:34:19.189Z"}}]}}