exploitDog

CVE-2020-0136

Опубликовано: 11 июн. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455

Ссылки

https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-95q8-539h-rp9m

github

больше 3 лет назад

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455

EPSS

Процентиль: 2%

0.00015

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-190