10 matches found
CVE-2020-0189
In ihevcddecode of ihevcddecode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283...
OSV-2020-1326 Heap-buffer-overflow in ihevcd_parse_slice_data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16804 Crash type: Heap-buffer-overflow READ 4 Crash state: ihevcdparseslicedata ihevcddecode ihevcdcxaapifunction...
CVE-2020-0189
In ihevcddecode of ihevcddecode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283...
CVE-2020-0189
In Android 10, the vulnerability CVE-2020-0189 affects the Media Framework (hevc/decoder path) via ihevcd_decode() in ihevcd_decode.c, causing resource exhaustion from an infinite loop. This can lead to remote denial of service without extra execution privileges; exploitation requires user intera...
libhevc:hevc_dec_fuzzer: Heap-buffer-overflow in ihevcd_parse_slice_data
Project: https://android.googlesource.com/platform/external/libhevc Detailed Report: https://oss-fuzz.com/testcase?key=5696728530944000 Project: libhevc Fuzzing Engine: libFuzzer Fuzz Target: hevcdecfuzzer Job Type: libfuzzerasanlibhevc Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1...
CVE-2017-13191
In the ihevcddecode function of ihevcddecode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
Denial of service
In the ihevcddecode function of ihevcddecode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2017-13191
In the ihevcddecode function of ihevcddecode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2017-13191
The CVE-2017-13191 issue affects Android Media Framework (component: ihevcd_decode in ihevcd_decode.c). It describes an infinite loop caused by an incomplete frame error, enabling remote DoS of a critical system process without extra privileges or user interaction. Affected versions per the docum...
CVE-2017-13191
In the ihevcddecode function of ihevcddecode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...