Out-of-bounds Read Vulnerability in Status::readFromParcel of Android

Out-of-bounds Read Vulnerability in Status::readFromParcel of Android

CVE-2019-2136 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:N

In Status::readFromParcel of Status.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132650049.

Learn more about our Cis Benchmark Audit For Google Android.