Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2018-9414
CVE-2018-9414:
NixOS vulnerability analysis and mitigation
Overview
CVE-2018-9414 is a security vulnerability discovered in the Android operating system, specifically in the gattServerSendResponseNative function of com_android_bluetooth_gatt.cpp. The vulnerability was disclosed in July 2018 and affects Android versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, and 8.1 (Android Bulletin).
Technical details
The vulnerability is classified as an Elevation of Privilege (EoP) issue with a Moderate severity rating. The core issue involves a possible out of bounds stack write due to a missing bounds check in the Bluetooth GATT server implementation (Android Bulletin).
Impact
The vulnerability could potentially allow an attacker to execute an elevation of privilege attack, potentially gaining higher levels of system access than intended (Android Bulletin).
Mitigation and workarounds
Google addressed this vulnerability in the Android security patch level 2018-07-05. Users should update their Android devices to a security patch level of 2018-07-05 or later to protect against this vulnerability (Android Bulletin).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management