Out-of-bounds read in Google Android - CVE-2020-10844
Published: March 24, 2020 / Updated: August 8, 2020
Google Android
Detailed vulnerability description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in media.audio_policy. The Samsung ID is SVE-2019-16333 (February 2020). A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.