Main Vulnerability Database Vulnerabilities #VU46899

Input validation error in Google Android - CVE-2020-0351

Published: September 17, 2020 / Updated: September 22, 2020

Vulnerability identifier: #VU46899

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-0351

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777537

Remediation

Install update from vendor's website.

External links

https://source.android.com/security/bulletin/android-11

Input validation error in Google Android - CVE-2020-0351

Description

Remediation

External links

Please verify you're human