Main Vulnerability Database Vulnerabilities #VU34167

Information disclosure in Google Android - CVE-2020-15581

Published: July 7, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34167

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-15581

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The kernel logging feature allows attackers to discover virtual addresses via vectors involving shared memory. The Samsung ID is SVE-2020-17605 (July 2020).

Remediation

Install update from vendor's website.

External links

https://security.samsungmobile.com/securityUpdate.smsb

Information disclosure in Google Android - CVE-2020-15581

Description

Remediation

External links

Please verify you're human