Main Vulnerability Database Vulnerabilities #VU38907

Integer overflow in Google Android - CVE-2014-9944

Published: June 6, 2017 / Updated: August 8, 2020

Vulnerability identifier: #VU38907

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2014-9944

CWE-ID: CWE-190

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In the Secure File System in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.

How to mitigate CVE-2014-9944

Install update from vendor's website.

Sources

http://www.securityfocus.com/bid/98245
https://source.android.com/security/bulletin/2017-05-01

Integer overflow in Google Android - CVE-2014-9944

Detailed vulnerability description

How to mitigate CVE-2014-9944

Sources

Please verify you're human