CVE-2019-2126

Published: Aug 20, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-127702368.

Affected (12)

Products: Google: Android · Fedoraproject: Fedora · Canonical: Ubuntu Linux · +1 more

Show all products

Google: Android · Fedoraproject: Fedora · Canonical: Ubuntu Linux · Opensuse: Leap

1 product

1 product

1 product

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 7.0
Google Android	Version 7.1.1
Google Android	Version 7.1.2
Google Android	Version 8.0
Google Android	Version 8.1
Google Android	Version 9.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 30
Fedoraproject Fedora	Version 31

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.1

Related CWEs

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (10)

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

Source: security@android.com

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

Source: security@android.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

Source: security@android.com

https://source.android.com/security/bulletin/2019-08-01

Source: security@android.com

Vendor Advisory

https://usn.ubuntu.com/4199-1/

Source: security@android.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00049.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DQSTK442ATWJOR4TU3MR6C3N5A6NDFFN/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2IIA3RSYABBUCFIHXIRVUT5CTJVWWZ6/

Source: af854a3a-2127-422b-91ae-364da2661108

https://source.android.com/security/bulletin/2019-08-01

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://usn.ubuntu.com/4199-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.