CVE-2019-20770

Published: Apr 17, 2020Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 (September 2019).

Affected (1)

Products: Google: Android

Google

1 product

Android

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 9.0

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

https://lgsecurity.lge.com/

Source: cve@mitre.org

Vendor Advisory

https://lgsecurity.lge.com/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.