CVE-2019-2101

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible out-of-bound read in the uvc parse standard control function of uvc driver.c due to improper input validation. This could lead to local information disclosure without requiring additional execution privileges. User interaction is not needed for exploitation.

Recommendations For Android kernel, apply the necessary patch or update to fix the improper input validation in the uvc parse standard control function to prevent out-of-bound read. As a temporary workaround, consider restricting access to sensitive information until a patch is available.