CVE-2019-9420

MEDIUM

Android 10 - Denial of Service via Integer Overflow in libhevc

Title source: llm
STIX 2.1

Description

In libhevc, there is a possible out of bounds read due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111272481

References (1)

Core 1
Core References

Scores

CVSS v3 6.5
EPSS 0.0063
EPSS Percentile 46.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-125 CWE-190
Status published
Products (1)
google/android 10.0
Published Sep 27, 2019
Tracked Since Feb 18, 2026