CVE-2018-9344

State: PUBLISHED · Published: 2024-11-19 · Updated: 2024-11-20 · Assigner: google_android

Description

In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE

CWE-416 — CWE-416 Use After Free

Affected

Google / Android — v=8.1 [affected]

CVSS

(none)

References

https://source.android.com/security/bulletin/2018-06-01

Source

cvelistV5-main/cves/2018/9xxx/CVE-2018-9344.json