ghsa-r4mf-xwrc-457g
Vulnerability from github
Published
2022-05-24 17:25
Modified
2022-05-24 17:25
Details

In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2020-0108"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-08-11T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616",
  "id": "GHSA-r4mf-xwrc-457g",
  "modified": "2022-05-24T17:25:15Z",
  "published": "2022-05-24T17:25:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0108"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2020-08-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.