In ih264e_fmt_conv_420p_to_420sp of ih264e_fmt_conv.c there is a possible out of bound read due to missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.
References
| Link | Resource |
|---|---|
| https://source.android.com/docs/security/bulletin/pixel/2018-06-01 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
17 Jun 2026, 02:06
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (es) En ih264e_fmt_conv_420p_to_420sp de ih264e_fmt_conv.c hay una posible lectura fuera de límites debido a una falta de verificación de límites. Esto podría llevar a una denegación de servicio remota sin necesidad de privilegios de ejecución adicionales. Se requiere interacción del usuario para la explotación. |
18 Dec 2024, 19:45
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:* cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:* |
|
| References | () https://source.android.com/docs/security/bulletin/pixel/2018-06-01 - Patch, Vendor Advisory | |
| First Time |
Google
Google android |
29 Nov 2024, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
27 Nov 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-11-27 23:15
Updated : 2026-06-17 02:06
NVD link : CVE-2018-9351
Mitre link : CVE-2018-9351
CVE.ORG link : CVE-2018-9351
JSON object : View
Products Affected
- android
CWE
CWE-125
Out-of-bounds Read
