CVE-2019-9288

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to a missing bounds check in libhidcommand jni, which could lead to a possible out of bounds write. This might result in local escalation of privilege in the USB service, requiring no additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android version Android-10, consider restricting access to the USB service to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the vulnerable component related to libhidcommand jni might help mitigate the issue. However, specific steps for this version are not provided, so at the moment, there is no information about a newer version that contains a fix for this vulnerability.