Integer Overflow Vulnerability in phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp

Integer Overflow Vulnerability in phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp

CVE-2019-2134 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132083376.

Learn more about our Cis Benchmark Audit For Google Android.