Login Sign Up

CVE-2018-9345

5.5 MEDIUM

📋 TL;DR

This vulnerability in Android's AudioPolicyService allows local attackers to read uninitialized memory, potentially exposing sensitive information. It affects Android devices running vulnerable versions, requiring no user interaction or special privileges for exploitation.

💻 Affected Systems

Products:
  • Android
Versions: Android 8.0 (Oreo) and 8.1 (Oreo)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices running the vulnerable Android versions; requires local access to exploit.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sensitive kernel memory or application data could be leaked, potentially exposing cryptographic keys, passwords, or other protected information.

🟠

Likely Case

Limited information disclosure of uninitialized audio service memory, which may contain fragments of system data but not necessarily sensitive secrets.

🟢

If Mitigated

With proper patching, no information disclosure occurs as the memory is properly initialized before being returned.

🌐 Internet-Facing: LOW - This is a local vulnerability requiring physical or local access to the device.
🏢 Internal Only: MEDIUM - Malicious apps or users with local access could exploit this to gather system information.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of Android Binder IPC and audio service internals; no public exploits known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level 2018-06-05

Vendor Advisory: https://source.android.com/security/bulletin/2018-06-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > Advanced > System update. 2. Install the June 2018 security patch. 3. Reboot the device after installation.

🔧 Temporary Workarounds

Restrict app permissions

android

Limit which apps have audio-related permissions to reduce attack surface

🧯 If You Can't Patch

  • Isolate vulnerable devices from sensitive networks and data
  • Implement strict app vetting and installation controls

🔍 How to Verify

Check if Vulnerable:

Check Android version in Settings > About phone > Android version. If version is 8.0 or 8.1 with security patch level before 2018-06-05, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.release && adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level is 2018-06-05 or later in Settings > About phone > Android security patch level.

📡 Detection & Monitoring

Log Indicators:

  • Unusual audio service crashes or restarts
  • Suspicious Binder transactions to audio service

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

Not applicable for local memory disclosure vulnerabilities

📊 Metadata

CVE ID: CVE-2018-9345
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-908
Published: November 19, 2024
Last Updated: November 22, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2018-9345, you might also want to check these:

CVE-2021-26305 9.8

CVE-2021-26305 is a deserialization vulnerability in the cdr crate for Rust that allows a malicious ...

Same vulnerability type (CWE-908)
CVE-2020-36443 9.8

This vulnerability in libp2p-deflate crate for Rust allows reading uninitialized memory due to passi...

Same vulnerability type (CWE-908)
CVE-2020-36452 9.8

This vulnerability in the array-tools Rust crate allows attackers to cause memory corruption by expl...

Same vulnerability type (CWE-908)