CVE-2018-9390

MEDIUM Year: 2018
CVSS v3 Score
6.7
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

In procfile_write of gl_proc.c, there is a possible out of bounds read of a function pointer due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Related Vulnerabilities

CVE-2019-11124

MEDIUM
CVSS:6.7(Medium)

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local acc...

CWE-1252019

CVE-2019-11129

MEDIUM
CVSS:6.7(Medium)

Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local acc...

CWE-1252019

CVE-2019-15090

MEDIUM
CVSS:6.7(Medium)

An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.

CWE-1252019

CVE-2020-27036

MEDIUM
CVSS:6.7(Medium)

In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System...

CWE-1252020

CVE-2020-8757

MEDIUM
CVSS:6.7(Medium)

Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local ac...

CWE-1252020

CVE-2020-9125

MEDIUM
CVSS:6.7(Medium)

There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending ...

CWE-1252020