In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-117838472.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106842 | Third Party Advisory |
https://source.android.com/security/bulletin/2019-02-01 | Vendor Advisory |
Configurations
History
No history.
Information
Published : 2019-02-28 17:29
Updated : 2023-12-10 12:44
NVD link : CVE-2019-1986
Mitre link : CVE-2019-1986
CVE.ORG link : CVE-2019-1986
JSON object : View
Products Affected
- android
CWE
CWE-787
Out-of-bounds Write