CVE-2019-2107

The provided text describes CVE-2019-2107, a vulnerability in Android 7-9 affecting the HVEC (H.265) decoder, allowing remote code execution via a crafted video file with tiles enabled. The PoC is referenced as a separate downloadable file.

This exploit demonstrates a remote code execution (RCE) vulnerability in Android's HEVC (H.265) decoder via a crafted video file with invalid tile widths. The PoC triggers a crash in the mediacodec process, potentially leading to arbitrary code execution under the mediacodec user context.

This repository provides a detailed technical analysis of CVE-2019-2107, a vulnerability in the HEVC (H.265) decoder that can lead to RCE on Android devices. It includes crash logs, proof-of-concept video files, and insights into the exploitation process, but does not contain functional exploit code.

The repository provides a detailed technical analysis of CVE-2019-2107, a vulnerability in the HEVC (H.265) decoder affecting Android devices. It includes logs, crash dumps, and references to specific code paths in FFmpeg and Android's media framework, demonstrating an understanding of the root cause involving invalid tile widths in HEVC video parsing.

The repository provides a detailed technical analysis of CVE-2019-2107, a vulnerability in the HEVC (H.265) decoder affecting Android devices. It includes crash logs, proof-of-concept video files, and explanations of the root cause involving invalid tile widths in HEVC video parsing.