CVE-2018-9391

Name of the Vulnerable Software and Affected Versions Mediatek GPS HAL (affected versions not specified)

Description The issue is related to a possible out of bounds write in the update gps sv and output vzw debug functions of the gpshal worker.c file, due to a missing bounds check. This could lead to a local escalation of privilege with System execution privileges needed. No user interaction is required for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.