Vulnerabilities > CVE-2019-1986 - Out-of-bounds Write vulnerability in Google Android 9.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-117838472.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |
Common Weakness Enumeration (CWE)
The Hacker News
id | THN:E15EA77F64F9374B240CA8A7F340C67A |
last seen | 2019-02-06 |
modified | 2019-02-06 |
published | 2019-02-06 |
reporter | The Hacker News |
source | https://thehackernews.com/2019/02/hack-android-with-image.html |
title | Android Phones Can Get Hacked Just by Looking at a PNG Image |