CVE-2019-9454

MEDIUM

Android Kernel i2c Driver - Out-of-bounds Write

Title source: llm
STIX 2.1

Description

In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/pixel/2019-09-01

Scores

CVSS v3 6.7
EPSS 0.0018
EPSS Percentile 7.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
google/android
Published Sep 06, 2019
Tracked Since Feb 18, 2026