PT-2019-16291 · Google · Android
Published
2019-11-13
·
Updated
2020-01-08
·
CVE-2019-2204
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Android versions 8.1 through 9
Description
The issue is related to a possible out of bounds read in the
FindSharedFunctionInfo function of objects.cc due to an error in AST traversal. This could potentially lead to remote code execution in the pacprocessor without requiring any additional execution privileges. User interaction is not necessary for exploitation.Recommendations
For Android versions 8.1 through 9, update to a version that contains a fix for this issue to prevent potential remote code execution.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android