CVE-2018-9354: Divide by Zero
First published: Wed Nov 27 2024(Updated: )
In VideoFrameScheduler.cpp of VideoFrameScheduler::PLL::fit, there is a possible remote denial of service due to divide by 0. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
Credit: security@android.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =7.0 | |
| Android | =7.1.1 | |
| Android | =7.1.2 | |
| Android | =8.0 | |
| Android | =8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2018-9354?
CVE-2018-9354 is classified as a remote denial of service vulnerability.
How does CVE-2018-9354 affect users?
CVE-2018-9354 can lead to remote denial of service, requiring user interaction for exploitation.
What versions of Android are affected by CVE-2018-9354?
CVE-2018-9354 affects Google Android versions 7.0, 7.1.1, 7.1.2, 8.0, and 8.1.
How do I fix CVE-2018-9354?
To mitigate CVE-2018-9354, users should update their Android devices to the latest security patches.
What causes the vulnerability in CVE-2018-9354?
CVE-2018-9354 is caused by a divide by 0 error in VideoFrameScheduler.cpp.
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/weakness
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/7.0
- version/android/7.1.1
- version/android/7.1.2
- version/android/8.0
- version/android/8.1