Uninitialized Data Memory Corruption Vulnerability in FileInputStream::Read
CVE-2019-2105 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-116114182.
Learn more about our Cis Benchmark Audit For Google Android.