CVE-2019-2232

HIGH

Android -8.0-10 - Remote DoS

Title source: llm

Description

In handleRun of TextLine.java, there is a possible application crash due to improper input validation. This could lead to remote denial of service when processing Unicode with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140632678

References (1)

[Patch, Vendor Advisory] https://source.android.com/security/bulletin/2019-12-01

Scores

CVSS v3 7.5

EPSS 0.0080

EPSS Percentile 74.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-682 CWE-20

Status published

Products (4)

google/android 8.0

google/android 8.1

google/android 9.0

google/android 10.0

Published Dec 06, 2019

Tracked Since Feb 18, 2026