CVE-2018-9511

In ipSecSetEncapSocketOwner of XfrmController.cpp, there is a possible failure to initialize a security feature due to uninitialized data. This could lead to local denial of service of IPsec on sockets with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-111650288
Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:15

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/105482 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/105482 - Third Party Advisory, VDB Entry
References () https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe - Patch, Vendor Advisory () https://android.googlesource.com/platform/system/netd/+/931418b16c7197ca2df34c2a5609e49791125abe - Patch, Vendor Advisory
References () https://source.android.com/security/bulletin/2018-10-01%2C - () https://source.android.com/security/bulletin/2018-10-01%2C -

07 Nov 2023, 03:01

Type Values Removed Values Added
References
  • {'url': 'https://source.android.com/security/bulletin/2018-10-01,', 'name': 'https://source.android.com/security/bulletin/2018-10-01,', 'tags': ['Broken Link', 'Vendor Advisory'], 'refsource': 'CONFIRM'}
  • () https://source.android.com/security/bulletin/2018-10-01%2C -

Information

Published : 2018-10-02 19:29

Updated : 2024-11-21 04:15


NVD link : CVE-2018-9511

Mitre link : CVE-2018-9511

CVE.ORG link : CVE-2018-9511


JSON object : View

Products Affected

google

  • android
CWE
CWE-909

Missing Initialization of Resource