PT-2020-11451 · Google · Android

Published: 2020-03-15 · Updated: 2021-07-21 · CVE-2020-0086

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Android versions Android-10

Description

The issue is a possible out-of-bounds write due to an integer overflow in the readCString function of Parcel.cpp. This could potentially lead to arbitrary code execution if IntSan were not enabled, which it is by default. No additional execution privileges are required for exploitation, and user interaction is not needed.

Recommendations

For Android version Android-10, consider applying the necessary patches or updates to resolve the integer overflow issue in the readCString function of Parcel.cpp. No specific temporary workaround is recommended without further information on patch availability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Memory Corruption


Weakness Enumeration

Related Identifiers

CVE-2020-0086

Affected Products

Android