Heap overflow

In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-1...

CVE-2023-20948

CVE-2023-20948 affects Android (Android-12/12L/13) with a flaw in AAVCAssembler.cpp: in dropFramesUntilIframe there is a possible out-of-bounds read caused by a heap buffer overflow, leading to remote information disclosure without extra privileges or user interaction. Connections show no publish...

CVE-2022-20418

CVE-2022-20418 → In Android 12/12L/13, a vulnerability in pickStartSeq() of AAVCAssembler.cpp allows an out-of-bounds read, leading to remote information disclosure without privileges or user interaction. Affected component: Android Media framework. Base CVSSv3.1 score: 7.5 (High). Remediation: p...

Heap overflow

In checkSpsUpdated of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android I...