PT-2020-16987 · Lg+1 · Lg Mobile Devices+1

Published

2020-11-08

Updated

2020-11-16

CVE-2020-28344

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software.

Description An issue was discovered where system services may crash due to the lack of a NULL parameter check.

Recommendations For Android OS 8.0, consider applying configuration changes to mitigate the risk of system service crashes. For Android OS 8.1, restrict access to system services to minimize the risk of exploitation. For Android OS 9.0, avoid using parameters that may cause system services to crash until the issue is resolved. For Android OS 10, as a temporary workaround, consider disabling system services that may be affected by the lack of a NULL parameter check until a patch is available.

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2020-28344

Affected Products

Android Os

Lg Mobile Devices

PT-2020-16987 · Lg+1 · Lg Mobile Devices+1

CVE-2020-28344

Weakness Enumeration

Related Identifiers

Affected Products

References · 4