Google Android Framework Component Multiple Privilege Escalation Vulnerabilities

Bugtraq ID:	105848
Class:	Unknown
CVE:	CVE-2018-9522 CVE-2018-9524 CVE-2018-9525
Remote:	Yes
Local:	No
Published:	Nov 05 2018 12:00AM
Updated:	Nov 05 2018 12:00AM
Credit:	The vendor reported these issues.
Vulnerable:	Google Android 0
Not Vulnerable:

Google Android Framework Component Multiple Privilege Escalation Vulnerabilities

Google Android is prone to multiple privilege-escalation vulnerabilities.

Attackers can exploit these issues to execute arbitrary code with elevated privileges within the context of a privileged process.

These issues are being tracked by Android Bug IDs A-112550251, A-34170870, and A-111330641.

Google Android Framework Component Multiple Privilege Escalation Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Google Android Framework Component Multiple Privilege Escalation Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Google Android Framework Component Multiple Privilege Escalation Vulnerabilities

References:

• Android Homepage (Google)
  
• Android Security Bulletin�??November 2018 (Android)