CVE-2018-9371 | THREATINT

Description

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.

PUBLISHED Reserved 2018-04-05 | Published 2024-11-19 | Updated 2024-11-20 | Assigner google_android

Product status

Default status

unaffected

SoCVersion

affected

References

source.android.com/security/bulletin/2018-06-01

cve.org (CVE-2018-9371)

nvd.nist.gov (CVE-2018-9371)

Download JSON