CVE-2020-0161

MEDIUM

Android 10 - Denial of Service in MPEG4Extractor Chunk Parsing

Title source: llm
STIX 2.1

Description

In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-127973550

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/pixel/2020-06-01

Scores

CVSS v3 6.5
EPSS 0.0063
EPSS Percentile 45.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (1)
google/android 10.0
Published Jun 11, 2020
Tracked Since Feb 18, 2026