Medium severity5.5NVD Advisory· Published Oct 2, 2018· Updated Jun 17, 2026
CVE-2018-9499
CVE-2018-9499
Description
In readVector of iCrypto.cpp, there is a possible invalid read due to uninitialized data. This could lead to local information disclosure from the DRM server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-79218474
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- source.android.com/security/bulletin/2018-10-01nvdPatchVendor Advisory
- android.googlesource.com/platform/frameworks/av/+/bf7a67c33c0f044abeef3b9746f434b7f3295bb1nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/105481nvdThird Party AdvisoryVDB Entry
- source.android.com/security/bulletin/2018-10-01%2Cnvd
News mentions
0No linked articles in our index yet.