CVE-2018-9351
First published: Wed Nov 27 2024(Updated: )
In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =7.0 | |
| Android | =7.1.1 | |
| Android | =7.1.2 | |
| Android | =8.0 | |
| Android | =8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2018-9351?
CVE-2018-9351 is classified as a medium severity vulnerability due to its potential to cause denial of service.
How does CVE-2018-9351 affect users?
CVE-2018-9351 can cause remote denial of service which may disrupt the functionality of affected devices.
What versions of Android are affected by CVE-2018-9351?
CVE-2018-9351 affects Android versions 7.0, 7.1.1, 7.1.2, 8.0, and 8.1.
Is user interaction required for exploiting CVE-2018-9351?
Yes, user interaction is needed for the exploitation of CVE-2018-9351.
How can I fix CVE-2018-9351?
To fix CVE-2018-9351, update your Android device to the latest security patch provided by Google.
- agent/description
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/7.0
- version/android/7.1.1
- version/android/7.1.2
- version/android/8.0
- version/android/8.1