CVE-2019-2044

CVE numbers: CVE-2019-2044 [Bulletin-CVE-2019-2044]
Coordinated disclosure?: unknown
Categories: Media framework
Details: In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-123701862 [NIST-CVE-2019-2044]
Discovered by: Cusas of L.O. Team [Discovery-CVE-2019-2044] on: Unknown
Reported on: 2019-05-01 [Bulletin-CVE-2019-2044]
Fixed on: 2019-02-26 [A-123701862]
Fix released on: 2019-05-05 [Bulletin-CVE-2019-2044]
Affected versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9 [Bulletin-CVE-2019-2044] regex: (7.0.[0-9])|(7.1.1)|(7.1.2)|(8.0.[0-9])|(8.1.[0-9])|(9.[0-9].[0-9])
Affected devices:
Affected manufacturers: all [Bulletin-CVE-2019-2044]
Fixed versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1, 9 [Bulletin-CVE-2019-2044]
Submission: by: Daniel Carter, on: 2019-07-24

AndroidVulnerabilities.org