Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-2128
HistoryAug 20, 2019 - 12:00 a.m.

CVE-2019-2128

2019-08-2000:00:00
ubuntu.com
ubuntu.com
11

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due
to a missing bounds check. This could lead to local escalation of privilege
with no additional execution privileges needed. User interaction is not
needed for exploitation. Product: Android. Versions: Android-7.0
Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID:
A-132647222.

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

Related for UB:CVE-2019-2128