CVE-2020-0192

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to a possible out of bounds read in the ih264d decode slice thread function of ih264d thread parse decode.c due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is required for exploitation.

Recommendations For Android version Android-10, consider restricting access to the ih264d decode slice thread function until a patch is available. As a temporary workaround, avoid using the affected function to minimize the risk of exploitation.