Main Vulnerability Database Vulnerabilities #VU35468

Out-of-bounds read in Google Android - CVE-2019-9462

Published: September 27, 2019 / Updated: August 8, 2020

Vulnerability identifier: #VU35468

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-9462

CWE-ID: CWE-125

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Bluetooth, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-91544774

How to mitigate CVE-2019-9462

Install update from vendor's website.

Sources

https://source.android.com/security/bulletin/android-10

Out-of-bounds read in Google Android - CVE-2019-9462

Detailed vulnerability description

How to mitigate CVE-2019-9462

Sources

Please verify you're human