Vulnerabilities > CVE-2019-1986 - Out-of-bounds Write vulnerability in Google Android 9.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-117838472.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Common Weakness Enumeration (CWE)
The Hacker News
| id | THN:E15EA77F64F9374B240CA8A7F340C67A |
| last seen | 2019-02-06 |
| modified | 2019-02-06 |
| published | 2019-02-06 |
| reporter | The Hacker News |
| source | https://thehackernews.com/2019/02/hack-android-with-image.html |
| title | Android Phones Can Get Hacked Just by Looking at a PNG Image |