CVE-2020-0194

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to an integer overflow in the ihevcd parse slice header function, located in ihevcd parse slice header.c, which could lead to an out of bounds write. This might result in remote code execution without requiring additional execution privileges. User interaction is necessary for exploitation.

Recommendations For Android version Android-10, consider restricting access to the ihevcd parse slice header function until a patch is available. As a temporary workaround, avoid using the vulnerable function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.