Sign-up

ID

VAR-202412-0134


CVE

CVE-2018-9381


TITLE

Google  of  Android  Vulnerability in using uninitialized resources in

Trust: 0.8

sources: JVNDB: JVNDB-2018-016785

DESCRIPTION

In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Google of Android Exists in the use of uninitialized resources.Information may be obtained. Google Pixel is a smartphone produced by Google in the United States. There is a security vulnerability in Google Pixel. No detailed vulnerability details are provided at present

Trust: 2.16

sources: NVD: CVE-2018-9381 // JVNDB: JVNDB-2018-016785 // CNVD: CNVD-2025-00977

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-00977

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:8.1

Trust: 2.4

vendor:googlemodel:androidscope: - version: -

Trust: 0.8

vendor:googlemodel:androidscope:eqversion: -

Trust: 0.8

sources: CNVD: CNVD-2025-00977 // JVNDB: JVNDB-2018-016785 // NVD: CVE-2018-9381

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-9381
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2018-9381
value: HIGH

Trust: 1.0

NVD: CVE-2018-9381
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-00977
value: HIGH

Trust: 0.6

CNVD: CNVD-2025-00977
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-9381
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2018-9381
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-00977 // JVNDB: JVNDB-2018-016785 // NVD: CVE-2018-9381 // NVD: CVE-2018-9381

PROBLEMTYPE DATA

problemtype:CWE-908

Trust: 1.0

problemtype:Use of uninitialized resources (CWE-908) [ others ]

Trust: 0.8

problemtype: Use of uninitialized resources (CWE-908) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2018-016785 // NVD: CVE-2018-9381

PATCH

title:Patch for Google Pixel has an unspecified vulnerability (CNVD-2025-00977)url:https://www.cnvd.org.cn/patchInfo/show/649951

Trust: 0.6

sources: CNVD: CNVD-2025-00977

EXTERNAL IDS

db:NVDid:CVE-2018-9381

Trust: 3.2

db:JVNDBid:JVNDB-2018-016785

Trust: 0.8

db:CNVDid:CNVD-2025-00977

Trust: 0.6

sources: CNVD: CNVD-2025-00977 // JVNDB: JVNDB-2018-016785 // NVD: CVE-2018-9381

REFERENCES

url:https://source.android.com/docs/security/bulletin/pixel/2018-06-01

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-9381

Trust: 1.4

sources: CNVD: CNVD-2025-00977 // JVNDB: JVNDB-2018-016785 // NVD: CVE-2018-9381

SOURCES

db:CNVDid:CNVD-2025-00977
db:JVNDBid:JVNDB-2018-016785
db:NVDid:CVE-2018-9381

LAST UPDATE DATE

2025-01-14T23:11:43.928000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-00977date:2025-01-13T00:00:00
db:JVNDBid:JVNDB-2018-016785date:2024-12-19T06:59:00
db:NVDid:CVE-2018-9381date:2024-12-18T19:39:05.097

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-00977date:2025-01-08T00:00:00
db:JVNDBid:JVNDB-2018-016785date:2024-12-19T00:00:00
db:NVDid:CVE-2018-9381date:2024-12-02T20:15:05.440