CVE-2020-0351
MEDIUMAndroid 11 - Denial of Service via Improper Input Validation in libstagefright
Title source: llmDescription
In libstagefright, there is possible CPU exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-124777537
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/android-11
Scores
CVSS v3
6.5
EPSS
0.0078
EPSS Percentile
51.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
google/android
11.0
Published
Sep 17, 2020
Tracked Since
Feb 18, 2026