CVE-2018-9474

Publication date

2024-11-20 17:25:46

Family

google_android

State

PUBLISHED

Description

In writeToParcel of MediaPlayer.java, there is a possible serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.