In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation.
[
{
"cpes": [
"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:12.0l:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "unaffected",
"version": "12.0"
},
{
"status": "unaffected",
"version": "12.0l"
},
{
"status": "unaffected",
"version": "13.0"
},
{
"status": "unaffected",
"version": "14.0"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "affected",
"version": "10.0"
}
],
"defaultStatus": "unknown"
}
]