We found results for “”
CVE-2019-2226
Good to know:
Date: December 6, 2019
In device_class_to_int of device_class.cc, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140152619
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Out-of-bounds Read
CWE-125Top Fix
Upgrade Version
Upgrade to version android-8.0.0_r41;android-8.1.0_r71;android-9.0.0_r51;android-10.0.0_r17
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | LOCAL |
Access Complexity (AC): | LOW |
Authentication (AU): | NONE |
Confidentiality (C): | COMPLETE |
Integrity (I): | NONE |
Availability (A): | NONE |
Additional information: |