PT-2019-5844 · Google+4 · Android+4

Publicado

2019-09-08

Atualizado

2024-06-15

CVE-2020-0499

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to a possible out of bounds read due to a heap buffer overflow in the FLAC bitreader read rice signed block function of bitreader.c. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is required for exploitation.

Recommendations For Android version Android-11, consider restricting access to the FLAC bitreader read rice signed block function until a patch is available. As a temporary workaround, avoid using the affected bitreader.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2021-03402

CVE-2020-0499

DLA-2514-1

MGASA-2020-0480

OESA-2022-1697

OPENSUSE-SU-2020:2348-1

OPENSUSE-SU-2020:2350-1

OPENSUSE-SU-2020_2348-1

OPENSUSE-SU-2020_2350-1

OPENSUSE-SU-2022:10252-1

OPENSUSE-SU-2024:11885-1

OPENSUSE-SU-2024:11951-1

SUSE-SU-2020:3933-1

SUSE-SU-2021:0017-1

SUSE-SU-2021_0017-1

USN-5733-1

Produtos afetados

Android

Astra Linux

Linuxmint

Suse

Ubuntu

PT-2019-5844 · Google+4 · Android+4

CVE-2020-0499

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 62