CVE-2022-20209

HIGH

Android 12L - Out-of-bounds Write in hme_add_new_node_to_a_sorted_array

Title source: llm
STIX 2.1

Description

In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-207502397

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0075
EPSS Percentile 50.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-787
Status published
Products (1)
google/android 12.1
Published Jun 15, 2022
Tracked Since Feb 18, 2026