CVE-2018-9338

HIGH

Android - Out-of-bounds Write in ResStringPool::setTo

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-9338. PoCs published by Pazhanivelmani.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2018-9338, targeting Android 6.0.1_r22. The vulnerability involves a command injection flaw in the ActivityManager (am) component, allowing arbitrary command execution with elevated privileges.

Description

In ResStringPool::setTo of ResourceTypes.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploits (1)

nomisec WORKING POC
by Pazhanivelmani · poc
https://github.com/Pazhanivelmani/frameworks_base_Android_6.0.1_r22_CVE-2018-9338

This repository contains a proof-of-concept exploit for CVE-2018-9338, targeting Android 6.0.1_r22. The vulnerability involves a command injection flaw in the ActivityManager (am) component, allowing arbitrary command execution with elevated privileges.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Android 6.0.1_r22
No auth needed
Prerequisites: Access to a vulnerable Android device or emulator
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 7.8
EPSS 0.0012
EPSS Percentile 1.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (7)
google/android 6.0
google/android 6.0.1
google/android 7.0
google/android 7.1.1
google/android 7.1.2
google/android 8.0
google/android 8.1
Published Nov 19, 2024
Tracked Since Feb 18, 2026