CVE-2018-9378

MEDIUM Year: 2018
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-908
View all →

Vulnerability Description

In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2024-38254

MEDIUM
CVSS:6.2(Medium)

Windows Authentication Information Disclosure Vulnerability

CWE-9082024

CVE-2020-6444

MEDIUM
CVSS:6.3(Medium)

Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CWE-9082020

CVE-2024-42161

MEDIUM
CVSS:6.3(Medium)

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD [Changes from V1: - Use a default branch in the switch statement to initial...

CWE-9082024

CVE-2020-35494

MEDIUM
CVSS:6.1(Medium)

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to ...

CWE-9082020

CVE-2024-57874

MEDIUM
CVSS:6.1(Medium)

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_TAGGED_ADDR_CTRL Currently tagged_addr_ctrl_set() doesn't initialize the temporary '...

CWE-9082024

CVE-2024-57877

MEDIUM
CVSS:6.1(Medium)

In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_POE Currently poe_set() doesn't initialize the temporary 'ctrl' variable, and a SETR...

CWE-9082024