CVE-2018-9371

Name of the Vulnerable Software and Affected Versions Mediatek Preloader (affected versions not specified)

Description The issue is related to out of bounds reads and writes in the Mediatek Preloader due to an exposed interface. This interface allows arbitrary peripheral memory mapping with insufficient blacklisting or whitelisting, which could lead to local elevation of privilege. Physical access to the device is required for exploitation, and no additional execution privileges are needed. User interaction is necessary for the issue to be exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.