{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2018-9463", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2018-04-05T00:00:00.000Z", "datePublished": "2024-12-04T23:40:22.862Z", "dateUpdated": "2024-12-05T15:23:30.413Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Android", "vendor": "Google", "versions": [{"status": "affected", "version": "Kernel"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible<br> out of bounds write due to an incorrect bounds check. This could lead to<br> local escalation of privilege with System execution privileges needed. User<br> interaction is not needed for exploitation."}], "value": "In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible\n out of bounds write due to an incorrect bounds check. This could lead to\n local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation."}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2024-12-04T23:40:22.862Z"}, "references": [{"url": "https://source.android.com/security/bulletin/pixel/2018-08-01"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "affected": [{"vendor": "google", "product": "android", "cpes": ["cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2018-08-05", "versionType": "custom"}]}, {"vendor": "google", "product": "pixel", "cpes": ["cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "2018-08-05", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-12-05T15:21:46.667021Z", "id": "CVE-2018-9463", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-05T15:23:30.413Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2018-9463", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-05T15:21:46.667021Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:google:android:*:*:*:*:*:*:*:*"], "vendor": "google", "product": "android", "versions": [{"status": "affected", "version": "0", "lessThan": "2018-08-05", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:google:pixel:*:*:*:*:*:*:*:*"], "vendor": "google", "product": "pixel", "versions": [{"status": "affected", "version": "0", "lessThan": "2018-08-05", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-05T15:23:23.732Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "Google", "product": "Android", "versions": [{"status": "affected", "version": "Kernel"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://source.android.com/security/bulletin/pixel/2018-08-01"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible\n out of bounds write due to an incorrect bounds check. This could lead to\n local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.", "supportingMedia": [{"type": "text/html", "value": "In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible<br> out of bounds write due to an incorrect bounds check. This could lead to<br> local escalation of privilege with System execution privileges needed. User<br> interaction is not needed for exploitation.", "base64": false}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2024-12-04T23:40:22.862Z"}}}, "cveMetadata": {"cveId": "CVE-2018-9463", "state": "PUBLISHED", "dateUpdated": "2024-12-05T15:23:30.413Z", "dateReserved": "2018-04-05T00:00:00.000Z", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "datePublished": "2024-12-04T23:40:22.862Z", "assignerShortName": "google_android"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible\n out of bounds write due to an incorrect bounds check. This could lead to\n local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation."}, {"lang": "es", "value": "En sw49408_irq_runtime_engine_debug de touch_sw49408.c, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda provocar una escalada local de privilegios, siendo necesarios los permisos de ejecuci\u00f3n de System. No se necesita la interacci\u00f3n del usuario para la explotaci\u00f3n."}], "id": "CVE-2018-9463", "lastModified": "2024-12-19T17:01:04.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-12-05T00:15:18.527", "references": [{"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "https://source.android.com/security/bulletin/pixel/2018-08-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}