CVE-2018-9416

State: PUBLISHED · Published: 2024-12-04 · Updated: 2024-12-05 · Assigner: google_android

Description

In sg_remove_scat of scsi/sg.c, there is a possible memory corruption due to an unusual root cause. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

CWE

(none)

Affected

Google / Android — v=Kernel [affected]

CVSS

4.0 score=10 severity=CRITICAL CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

References

https://source.android.com/security/bulletin/pixel/2018-07-01

Source

cvelistV5-main/cves/2018/9xxx/CVE-2018-9416.json