Google Android Mobile operating system

stack.watch can notify you when security vulnerabilities are reported in Google Android. You can add multiple products that you use with Android to create your own personal software stack watcher.

@Android Tweets

Don’t sweat it. Stay active and healthy anywhere with YouTube curated #WithMe workouts on the #GoogleFit app. �� Lea… https://t.co/yb3wePpkZI
Thu Jul 09 16:07:23 +0000 2020

Caught in the constant scroll? Set daily app timers on Android to limit your usage to what feels right for you. Dis… https://t.co/zTTaweV6up
Wed Jul 08 16:46:39 +0000 2020

Reduce distractions and get work done on your own terms with Focus mode on Android. Discover more digital wellbeing… https://t.co/fhExbZ4Xta
Mon Jul 06 19:41:46 +0000 2020

Bubbles on #Android11 will help you manage multiple conversations, even while you’re getting other things done on y… https://t.co/T8CrzzVIDN
Wed Jul 01 18:48:23 +0000 2020

RT @madebygoogle: Now you can show your Pride while you video chat, with Google Duo’s new Pride AR filter. Try it now > https://t.co/kamqnS…
Tue Jun 30 19:37:16 +0000 2020

By the Year

In 2020 there have been 414 vulnerabilities in Google Android with an average score of 7.0 out of ten. Last year Android had 491 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Android in 2020 could surpass last years number. Last year, the average CVE base score was greater by 0.09

Year	Vulnerabilities	Average Score
2020	414	7.02
2019	491	7.11
2018	292	7.58

It may take a day or so for new Android vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Google Android Security Vulnerabilities

This is an unbounded write into kernel global memory

CVE-2020-0223 9.8 - Critical - June 16, 2020

This is an unbounded write into kernel global memory, via a user-controlled buffer size.Product: AndroidVersions: Android kernelAndroid ID: A-135130450

CVE-2020-0223 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Improper Privilege Management

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it

CVE-2020-0232 9.8 - Critical - June 16, 2020

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abc_pcie_dma_user_xfer_clean. If this happens, abc_pcie_start_dma_xfer and abc_pcie_wait_dma_xfer in the original thread will trigger UAF when working with the transfer object.Product: AndroidVersions: Android kernelAndroid ID: A-151453714

CVE-2020-0232 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Dangling pointer

In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0234 7.8 - High - June 16, 2020

In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148189280

CVE-2020-0234 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use

CVE-2020-0235 9.8 - Critical - June 16, 2020

In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copy_from_user", ending up overwriting memory following "crus_sp_hdr". "crus_sp_hdr" is a static variable, of type "struct crus_sp_ioctl_header".Product: AndroidVersions: Android kernelAndroid ID: A-135129430

CVE-2020-0235 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Memory Corruption

In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0155 7.8 - High - June 11, 2020

In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736386

CVE-2020-0155 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0158 4.4 - Medium - June 11, 2020

In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141547128

CVE-2020-0158 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0159 5.5 - Medium - June 11, 2020

In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140768035

CVE-2020-0159 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0160 8.8 - High - June 11, 2020

In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124771364

CVE-2020-0160 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Memory Corruption

In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0162 6.5 - Medium - June 11, 2020

In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124526959

CVE-2020-0162 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Improper Input Validation

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0163 6.5 - Medium - June 11, 2020

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124525515

CVE-2020-0163 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Improper Input Validation

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0164 4.4 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736125

CVE-2020-0164 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow

CVE-2020-0167 5.5 - Medium - June 11, 2020

In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-129475100

CVE-2020-0167 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization

CVE-2020-0132 5.5 - Medium - June 11, 2020

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139473816

CVE-2020-0132 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Marshaling, Unmarshaling

In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data

CVE-2020-0134 5.5 - Medium - June 11, 2020

In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146052771

CVE-2020-0134 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible out of bounds read due to a missing bounds check

CVE-2020-0151 4.4 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible out of bounds read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-133164384

CVE-2020-0151 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0152 4.4 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145992159

CVE-2020-0152 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0153 6.7 - Medium - June 11, 2020

In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139733543

CVE-2020-0153 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0161 6.5 - Medium - June 11, 2020

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127973550

CVE-2020-0161 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Improper Input Validation

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0165 6.7 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139532977

CVE-2020-0165 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In multiple functions of URI.java

CVE-2020-0166 7.8 - High - June 11, 2020

In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124526860

CVE-2020-0166 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0185 5.5 - Medium - June 11, 2020

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-79945152

CVE-2020-0185 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison

CVE-2020-0187 5.5 - Medium - June 11, 2020

In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-148517383

CVE-2020-0187 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0197 5.5 - Medium - June 11, 2020

In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137370379

CVE-2020-0197 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0217 9.8 - Critical - June 11, 2020

In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141331405

CVE-2020-0217 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Out-of-bounds Write

In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check

CVE-2020-0129 7.8 - High - June 11, 2020

In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123292010

CVE-2020-0129 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check

CVE-2020-0135 4.4 - Medium - June 11, 2020

In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150949837

CVE-2020-0135 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Incorrect Default Permissions

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow

CVE-2020-0136 7.8 - High - June 11, 2020

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455

CVE-2020-0136 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Integer Overflow or Wraparound

In setIPv6AddrGenMode of NetworkManagementService.java

CVE-2020-0137 7.8 - High - June 11, 2020

In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141920289

CVE-2020-0137 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow

CVE-2020-0139 4.4 - Medium - June 11, 2020

In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malformed NFC tag is provided by the firmware. System execution privileges are needed and user interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145520471

CVE-2020-0139 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Integer Overflow or Wraparound

In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check

CVE-2020-0140 7.5 - High - June 11, 2020

In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146053215

CVE-2020-0140 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check

CVE-2020-0142 7.5 - High - June 11, 2020

In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146435761

CVE-2020-0142 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0143 4.4 - Medium - June 11, 2020

In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of heap data via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145597277

CVE-2020-0143 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0144 4.4 - Medium - June 11, 2020

In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142543497

CVE-2020-0144 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0145 4.4 - Medium - June 11, 2020

In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544079

CVE-2020-0145 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0146 4.4 - Medium - June 11, 2020

In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142546561

CVE-2020-0146 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0147 4.4 - Medium - June 11, 2020

In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142638392

CVE-2020-0147 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btu_hcif_pin_code_request_evt

CVE-2020-0148 4.4 - Medium - June 11, 2020

In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and btu_hcif_link_key_notification_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142638492

CVE-2020-0148 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0149 4.4 - Medium - June 11, 2020

In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544089

CVE-2020-0149 can be explotited with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0150 7.8 - High - June 11, 2020

In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142280329

CVE-2020-0150 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0154 4.4 - Medium - June 11, 2020

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141550919

CVE-2020-0154 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0156 5.5 - Medium - June 11, 2020

In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139736127

CVE-2020-0156 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0157 4.9 - Medium - June 11, 2020

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139740814

CVE-2020-0157 can be explotited with network access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0180 6.5 - Medium - June 11, 2020

In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142861738

CVE-2020-0180 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error

CVE-2020-0191 6.5 - Medium - June 11, 2020

In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140561484

CVE-2020-0191 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation

CVE-2020-0192 6.5 - Medium - June 11, 2020

In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144687080

CVE-2020-0192 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s

CVE-2020-0193 6.5 - Medium - June 11, 2020

In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144595488

CVE-2020-0193 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions

CVE-2020-0195 6.5 - Medium - June 11, 2020

In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144686961

CVE-2020-0195 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation

CVE-2020-0207 6.5 - Medium - June 11, 2020

In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-135532289

CVE-2020-0207 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In multiple functions of AccountManager.java, there is a possible permissions bypass

CVE-2020-0208 7.8 - High - June 11, 2020

In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145207098

CVE-2020-0208 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In multiple functions of AccountManager.java, there is a possible permissions bypass

CVE-2020-0209 7.8 - High - June 11, 2020

CVE-2020-0209 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy

CVE-2020-0210 7.8 - High - June 11, 2020

In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145206763

CVE-2020-0210 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Externally Controlled Reference to a Resource in Another Sphere

In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0214 7.5 - High - June 11, 2020

In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140292264

CVE-2020-0214 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0124 6.7 - Medium - June 11, 2020

In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140237592

CVE-2020-0124 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow

CVE-2020-0128 7.5 - High - June 11, 2020

In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123940919

CVE-2020-0128 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Integer Overflow or Wraparound

In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation

CVE-2020-0176 7.5 - High - June 11, 2020

In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-79702484

CVE-2020-0176 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In connect() of PanService.java, there is a possible permissions bypass

CVE-2020-0177 5.5 - Medium - June 11, 2020

In connect() of PanService.java, there is a possible permissions bypass. This could lead to local escalation of privilege to change network connection settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-126206353

CVE-2020-0177 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Improper Privilege Management

In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check

CVE-2020-0178 5.5 - Medium - June 11, 2020

In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check. This could lead to local information disclosure of config flags with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143299398

CVE-2020-0178 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow

CVE-2020-0181 7.5 - High - June 11, 2020

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145075076

CVE-2020-0181 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Integer Overflow or Wraparound

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent

CVE-2020-0219 7.8 - High - June 11, 2020

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081

CVE-2020-0219 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0138 9.8 - Critical - June 11, 2020

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142878416

CVE-2020-0138 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Out-of-bounds Write

In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition

CVE-2020-0141 4.4 - Medium - June 11, 2020

In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition. This could lead to remote information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142544793

CVE-2020-0141 can be explotited with network access, and requires user privledges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 0.7 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy

CVE-2020-0201 9.8 - Critical - June 11, 2020

In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143601727

CVE-2020-0201 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulneraility has a high impact to the confidentiality, integrity and availability of this component.

Improper Privilege Management

In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check

CVE-2020-0184 6.5 - Medium - June 11, 2020

In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141688974

CVE-2020-0184 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Loop with Unreachable Exit Condition ('Infinite Loop')

In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check

CVE-2020-0186 6.7 - Medium - June 11, 2020

In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146144463

CVE-2020-0186 is exploitable with local system access, and requires user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error

CVE-2020-0188 7.8 - High - June 11, 2020

In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147355897

CVE-2020-0188 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop

CVE-2020-0189 6.5 - Medium - June 11, 2020

In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283

CVE-2020-0189 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Loop with Unreachable Exit Condition ('Infinite Loop')

In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow

CVE-2020-0190 8.8 - High - June 11, 2020

In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140324890

CVE-2020-0190 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Read

In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow

CVE-2020-0194 8.8 - High - June 11, 2020

In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143826590

CVE-2020-0194 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Integer Overflow or Wraparound

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation

CVE-2020-0196 6.5 - Medium - June 11, 2020

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833

Improper Input Validation

In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0200 6.5 - Medium - June 11, 2020

In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147231862

CVE-2020-0200 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In onStart of MainActivity.java

CVE-2020-0202 7.8 - High - June 11, 2020

In onStart of MainActivity.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142936525

CVE-2020-0202 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup

CVE-2020-0203 7.8 - High - June 11, 2020

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146313311

CVE-2020-0203 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition

CVE-2020-0204 7 - High - June 11, 2020

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136498130

CVE-2020-0204 is exploitable with local system access, requires user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 1.0 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

TOCTTOU

In the settings app, there is a possible app crash due to improper input validation

CVE-2020-0206 5.5 - Medium - June 11, 2020

In the settings app, there is a possible app crash due to improper input validation. This could lead to local denial of service of the Settings app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005061

CVE-2020-0206 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Improper Input Validation

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition

CVE-2020-0126 6.4 - Medium - June 11, 2020

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137878930

CVE-2020-0126 is exploitable with local system access, and requires user privledges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 0.5 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Dangling pointer

In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0127 6.5 - Medium - June 11, 2020

In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the phone process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140054506

CVE-2020-0127 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data

CVE-2020-0131 8.8 - High - June 11, 2020

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-151159638

CVE-2020-0131 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0168 8.8 - High - June 11, 2020

In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-137798382

CVE-2020-0168 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0169 6.5 - Medium - June 11, 2020

In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-123700383

CVE-2020-0169 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0170 6.5 - Medium - June 11, 2020

In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127310810

CVE-2020-0170 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition

CVE-2020-0199 4.1 - Medium - June 11, 2020

In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-142142406

CVE-2020-0199 can be explotited with local system access, and requires user privledges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 0.5 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Dangling pointer

In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0205 6.5 - Medium - June 11, 2020

In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147234020

CVE-2020-0205 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0211 6.5 - Medium - June 11, 2020

In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147491773

CVE-2020-0211 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Out-of-bounds Read

In _onBufferDestroyed of InputBufferManager.cpp, there is a possible out of bounds read due to a use after free

CVE-2020-0212 6.5 - Medium - June 11, 2020

In _onBufferDestroyed of InputBufferManager.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-135140854

CVE-2020-0212 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Dangling pointer

In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s

CVE-2020-0213 8.8 - High - June 11, 2020

In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143464314

CVE-2020-0213 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass

CVE-2020-0215 7.8 - High - June 11, 2020

In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege of a pairing Bluetooth MAC address with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-140417248

CVE-2020-0215 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow

CVE-2020-0216 7.8 - High - June 11, 2020

In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-126204073

CVE-2020-0216 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Integer Overflow or Wraparound

In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition

CVE-2020-0218 7 - High - June 11, 2020

In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005905

CVE-2020-0218 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 1.0 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Out-of-bounds Write

In main of main.cpp, there is possible memory corruption due to a use after free

CVE-2020-0233 7.8 - High - June 11, 2020

In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150225255

CVE-2020-0233 can be explotited with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Dangling pointer

In Parse_lart of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0171 6.5 - Medium - June 11, 2020

In Parse_lart of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313223

CVE-2020-0171 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In Parse_art of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0172 6.5 - Medium - June 11, 2020

In Parse_art of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127312550

CVE-2020-0172 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In Parse_lins of eas_mdls.c, there is possible resource exhaustion due to improper input validation

CVE-2020-0173 6.5 - Medium - June 11, 2020

In Parse_lins of eas_mdls.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313764

CVE-2020-0173 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0174 6.5 - Medium - June 11, 2020

In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127313537

CVE-2020-0174 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation

CVE-2020-0179 7.8 - High - June 11, 2020

In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for exploitation.Product: AndroidVersions: Android-10Android ID: A-130656917

CVE-2020-0179 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Input Validation

In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation

CVE-2020-0175 6.5 - Medium - June 11, 2020

In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-126380818

CVE-2020-0175 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

In handleMessage of BluetoothManagerService, there is an incomplete reset

CVE-2020-0183 7.8 - High - June 11, 2020

In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-110181479

CVE-2020-0183 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass

CVE-2020-0133 7.3 - High - June 11, 2020

In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-145136060

CVE-2020-0133 can be explotited with local system access, requires user interaction and a small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.3 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow

CVE-2020-0198 7.5 - High - June 11, 2020

In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941

CVE-2020-0198 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Integer Overflow or Wraparound

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0182 6.5 - Medium - June 11, 2020

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147140917

CVE-2020-0182 is exploitable with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity, and a small impact on availability.

Out-of-bounds Read

In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error

CVE-2020-0114 7.8 - High - June 10, 2020

In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347

CVE-2020-0114 is exploitable with local system access, and requires small amount of user privledges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

Google Android Mobile operating system

@Android Tweets

By the Year

Latest Google Android Security Vulnerabilities

This is an unbounded write into kernel global memory CVE-2020-0223 9.8 - Critical - June 16, 2020

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it CVE-2020-0232 9.8 - Critical - June 16, 2020

In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check CVE-2020-0234 7.8 - High - June 16, 2020

In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use CVE-2020-0235 9.8 - Critical - June 16, 2020

In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0155 7.8 - High - June 11, 2020

In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0158 4.4 - Medium - June 11, 2020

In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check CVE-2020-0159 5.5 - Medium - June 11, 2020

In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check CVE-2020-0160 8.8 - High - June 11, 2020

In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation CVE-2020-0162 6.5 - Medium - June 11, 2020

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation CVE-2020-0163 6.5 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0164 4.4 - Medium - June 11, 2020

In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow CVE-2020-0167 5.5 - Medium - June 11, 2020

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization CVE-2020-0132 5.5 - Medium - June 11, 2020

In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data CVE-2020-0134 5.5 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible out of bounds read due to a missing bounds check CVE-2020-0151 4.4 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible out of bounds read due to a missing bounds check CVE-2020-0152 4.4 - Medium - June 11, 2020

In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0153 6.7 - Medium - June 11, 2020

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation CVE-2020-0161 6.5 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0165 6.7 - Medium - June 11, 2020

In multiple functions of URI.java CVE-2020-0166 7.8 - High - June 11, 2020

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0185 5.5 - Medium - June 11, 2020

In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison CVE-2020-0187 5.5 - Medium - June 11, 2020

In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check CVE-2020-0197 5.5 - Medium - June 11, 2020

In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0217 9.8 - Critical - June 11, 2020

In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check CVE-2020-0129 7.8 - High - June 11, 2020

In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check CVE-2020-0135 4.4 - Medium - June 11, 2020

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow CVE-2020-0136 7.8 - High - June 11, 2020

In setIPv6AddrGenMode of NetworkManagementService.java CVE-2020-0137 7.8 - High - June 11, 2020

In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow CVE-2020-0139 4.4 - Medium - June 11, 2020

In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check CVE-2020-0140 7.5 - High - June 11, 2020

In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check CVE-2020-0142 7.5 - High - June 11, 2020

In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check CVE-2020-0143 4.4 - Medium - June 11, 2020

In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0144 4.4 - Medium - June 11, 2020

In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0145 4.4 - Medium - June 11, 2020

In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0146 4.4 - Medium - June 11, 2020

In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0147 4.4 - Medium - June 11, 2020

In btu_hcif_pin_code_request_evt CVE-2020-0148 4.4 - Medium - June 11, 2020

In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0149 4.4 - Medium - June 11, 2020

In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0150 7.8 - High - June 11, 2020

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check CVE-2020-0154 4.4 - Medium - June 11, 2020

In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check CVE-2020-0156 5.5 - Medium - June 11, 2020

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0157 4.9 - Medium - June 11, 2020

In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check CVE-2020-0180 6.5 - Medium - June 11, 2020

In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error CVE-2020-0191 6.5 - Medium - June 11, 2020

In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation CVE-2020-0192 6.5 - Medium - June 11, 2020

In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s CVE-2020-0193 6.5 - Medium - June 11, 2020

In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions CVE-2020-0195 6.5 - Medium - June 11, 2020

In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation CVE-2020-0207 6.5 - Medium - June 11, 2020

In multiple functions of AccountManager.java, there is a possible permissions bypass CVE-2020-0208 7.8 - High - June 11, 2020

In multiple functions of AccountManager.java, there is a possible permissions bypass CVE-2020-0209 7.8 - High - June 11, 2020

In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy CVE-2020-0210 7.8 - High - June 11, 2020

In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check CVE-2020-0214 7.5 - High - June 11, 2020

In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check CVE-2020-0124 6.7 - Medium - June 11, 2020

In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow CVE-2020-0128 7.5 - High - June 11, 2020

In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation CVE-2020-0176 7.5 - High - June 11, 2020

In connect() of PanService.java, there is a possible permissions bypass CVE-2020-0177 5.5 - Medium - June 11, 2020

In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check CVE-2020-0178 5.5 - Medium - June 11, 2020

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow CVE-2020-0181 7.5 - High - June 11, 2020

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent CVE-2020-0219 7.8 - High - June 11, 2020

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check CVE-2020-0138 9.8 - Critical - June 11, 2020

In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition CVE-2020-0141 4.4 - Medium - June 11, 2020

In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy CVE-2020-0201 9.8 - Critical - June 11, 2020

In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check CVE-2020-0184 6.5 - Medium - June 11, 2020

In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check CVE-2020-0186 6.7 - Medium - June 11, 2020

In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error CVE-2020-0188 7.8 - High - June 11, 2020

In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop CVE-2020-0189 6.5 - Medium - June 11, 2020

In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow CVE-2020-0190 8.8 - High - June 11, 2020

In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow CVE-2020-0194 8.8 - High - June 11, 2020

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation CVE-2020-0196 6.5 - Medium - June 11, 2020

In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check CVE-2020-0200 6.5 - Medium - June 11, 2020

In onStart of MainActivity.java CVE-2020-0202 7.8 - High - June 11, 2020

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup CVE-2020-0203 7.8 - High - June 11, 2020

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition CVE-2020-0204 7 - High - June 11, 2020

In the settings app, there is a possible app crash due to improper input validation CVE-2020-0206 5.5 - Medium - June 11, 2020

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition CVE-2020-0126 6.4 - Medium - June 11, 2020

In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check CVE-2020-0127 6.5 - Medium - June 11, 2020

This is an unbounded write into kernel global memory

CVE-2020-0223 9.8 - Critical - June 16, 2020

Function abc_pcie_issue_dma_xfer_sync creates a transfer object, adds it to the session object then continues to work with it

CVE-2020-0232 9.8 - Critical - June 16, 2020

In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0234 7.8 - High - June 16, 2020

In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use

CVE-2020-0235 9.8 - Critical - June 16, 2020

In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0155 7.8 - High - June 11, 2020

In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0158 4.4 - Medium - June 11, 2020

In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0159 5.5 - Medium - June 11, 2020

In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0160 8.8 - High - June 11, 2020

In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0162 6.5 - Medium - June 11, 2020

In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0163 6.5 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0164 4.4 - Medium - June 11, 2020

In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow

CVE-2020-0167 5.5 - Medium - June 11, 2020

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization

CVE-2020-0132 5.5 - Medium - June 11, 2020

In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data

CVE-2020-0134 5.5 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible out of bounds read due to a missing bounds check

CVE-2020-0151 4.4 - Medium - June 11, 2020

In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0152 4.4 - Medium - June 11, 2020

In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0153 6.7 - Medium - June 11, 2020

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation

CVE-2020-0161 6.5 - Medium - June 11, 2020

In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0165 6.7 - Medium - June 11, 2020

In multiple functions of URI.java

CVE-2020-0166 7.8 - High - June 11, 2020

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0185 5.5 - Medium - June 11, 2020

In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison

CVE-2020-0187 5.5 - Medium - June 11, 2020

In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0197 5.5 - Medium - June 11, 2020

In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0217 9.8 - Critical - June 11, 2020

In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check

CVE-2020-0129 7.8 - High - June 11, 2020

In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check

CVE-2020-0135 4.4 - Medium - June 11, 2020

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow

CVE-2020-0136 7.8 - High - June 11, 2020

In setIPv6AddrGenMode of NetworkManagementService.java

CVE-2020-0137 7.8 - High - June 11, 2020

In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow

CVE-2020-0139 4.4 - Medium - June 11, 2020

In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check

CVE-2020-0140 7.5 - High - June 11, 2020

In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check

CVE-2020-0142 7.5 - High - June 11, 2020

In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0143 4.4 - Medium - June 11, 2020

In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0144 4.4 - Medium - June 11, 2020

In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0145 4.4 - Medium - June 11, 2020

In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0146 4.4 - Medium - June 11, 2020

In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0147 4.4 - Medium - June 11, 2020

In btu_hcif_pin_code_request_evt

CVE-2020-0148 4.4 - Medium - June 11, 2020

In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0149 4.4 - Medium - June 11, 2020

In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0150 7.8 - High - June 11, 2020

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0154 4.4 - Medium - June 11, 2020

In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0156 5.5 - Medium - June 11, 2020

In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0157 4.9 - Medium - June 11, 2020

In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0180 6.5 - Medium - June 11, 2020

In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error

CVE-2020-0191 6.5 - Medium - June 11, 2020

In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation

CVE-2020-0192 6.5 - Medium - June 11, 2020

In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s

CVE-2020-0193 6.5 - Medium - June 11, 2020

In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions

CVE-2020-0195 6.5 - Medium - June 11, 2020

In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation

CVE-2020-0207 6.5 - Medium - June 11, 2020

In multiple functions of AccountManager.java, there is a possible permissions bypass

CVE-2020-0208 7.8 - High - June 11, 2020

In multiple functions of AccountManager.java, there is a possible permissions bypass

CVE-2020-0209 7.8 - High - June 11, 2020

In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy

CVE-2020-0210 7.8 - High - June 11, 2020

In ce_t4t_process_select_file_cmd of ce_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check

CVE-2020-0214 7.5 - High - June 11, 2020

In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0124 6.7 - Medium - June 11, 2020

In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow

CVE-2020-0128 7.5 - High - June 11, 2020

In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation

CVE-2020-0176 7.5 - High - June 11, 2020

In connect() of PanService.java, there is a possible permissions bypass

CVE-2020-0177 5.5 - Medium - June 11, 2020

In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check

CVE-2020-0178 5.5 - Medium - June 11, 2020

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow

CVE-2020-0181 7.5 - High - June 11, 2020

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent

CVE-2020-0219 7.8 - High - June 11, 2020

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0138 9.8 - Critical - June 11, 2020

In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition

CVE-2020-0141 4.4 - Medium - June 11, 2020

In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy

CVE-2020-0201 9.8 - Critical - June 11, 2020

In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check

CVE-2020-0184 6.5 - Medium - June 11, 2020

In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check

CVE-2020-0186 6.7 - Medium - June 11, 2020

In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error

CVE-2020-0188 7.8 - High - June 11, 2020

In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop

CVE-2020-0189 6.5 - Medium - June 11, 2020

In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow

CVE-2020-0190 8.8 - High - June 11, 2020

In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow

CVE-2020-0194 8.8 - High - June 11, 2020

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation

CVE-2020-0196 6.5 - Medium - June 11, 2020

In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0200 6.5 - Medium - June 11, 2020

In onStart of MainActivity.java

CVE-2020-0202 7.8 - High - June 11, 2020

In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup

CVE-2020-0203 7.8 - High - June 11, 2020

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition

CVE-2020-0204 7 - High - June 11, 2020

In the settings app, there is a possible app crash due to improper input validation

CVE-2020-0206 5.5 - Medium - June 11, 2020

In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition

CVE-2020-0126 6.4 - Medium - June 11, 2020

In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check

CVE-2020-0127 6.5 - Medium - June 11, 2020

In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data

CVE-2020-0131 8.8 - High - June 11, 2020

In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check

CVE-2020-0168 8.8 - High - June 11, 2020

In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0169 6.5 - Medium - June 11, 2020

In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check

CVE-2020-0170 6.5 - Medium - June 11, 2020