In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
07 Nov 2023, 03:13
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
14 Oct 2022, 01:47
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/11/07/1 - Mailing List | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/10/27/1 - Mailing List | |
References | (CONFIRM) https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566 - Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VA5BPQLOFXIZOOJHBYDU635Z5KLUMTDD/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/02/msg00007.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html - Mailing List, Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202007-05 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO2VTHD7OLPJDCJBHKUQTBAHZOBBCF6X/ - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2020/Feb/9 - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00000.html - Mailing List, Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4277-1/ - Third Party Advisory | |
References | (CONFIRM) https://github.com/libexif/libexif/issues/26 - Issue Tracking, Patch, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/10/25/17 - Mailing List | |
References | (DEBIAN) https://www.debian.org/security/2020/dsa-4618 - Third Party Advisory | |
First Time |
Fedoraproject fedora
Canonical ubuntu Linux Canonical Fedoraproject Debian debian Linux Opensuse leap Debian Opensuse |
|
CPE | cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* |
Information
Published : 2019-09-27 19:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-9278
Mitre link : CVE-2019-9278
CVE.ORG link : CVE-2019-9278
JSON object : View
Products Affected
opensuse
- leap
fedoraproject
- fedora
- android
canonical
- ubuntu_linux
debian
- debian_linux