ALT-PU-2020-2648-1
Closed vulnerabilities
Published: 2020-06-11
BDU:2021-02074
Уязвимость фунции exif_data_load_data_content (exif-data.c) операционной системы Android, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2020-06-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-0198
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- [debian-lts-announce] 20200613 [SECURITY] [DLA 2249-1] libexif security update
- FEDORA-2020-0aa0fc1b0c
- FEDORA-2020-e99ef3282f
- GLSA-202011-19
- https://source.android.com/security/bulletin/pixel/2020-06-01
- USN-4396-1
- [debian-lts-announce] 20200613 [SECURITY] [DLA 2249-1] libexif security update
- USN-4396-1
- https://source.android.com/security/bulletin/pixel/2020-06-01
- GLSA-202011-19
- FEDORA-2020-e99ef3282f
- FEDORA-2020-0aa0fc1b0c