In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144351324
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://source.android.com/security/bulletin/2020-03-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2020-03-10T19:55:57
Updated: 2024-08-04T05:47:40.386Z
Reserved: 2019-10-17T00:00:00
Link: CVE-2020-0033
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-03-10T20:15:20.853
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-0033
Redhat
No data.