CVE-2020-0022
8.8
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715
Affected (25)
Products: Google: Android · Huawei: Mate 20 Firmware, Mate 20 Pro Firmware, Mate 20 X Firmware, P Smart Firmware, P Smart 2019 Firmware, P20 Firmware, P20 Pro Firmware, P30 Firmware, P30 Pro Firmware, Y6 2019 Firmware, Y6 Pro 2019 Firmware, Y9 2019 Firmware, Nova 3 Firmware, Nova Lite 3 Firmware, Honor 8a Firmware, Honor 8x Firmware, Honor View 20 Firmware, Mate 30 Pro Firmware, Mate 30 Firmware, Mate 30 Pro 5g Firmware, Mate 30 5g Firmware
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.195\(c00e74r3p8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 20 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.196\(c185e7r2p4\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 20 Pro | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.195\(c00e74r2p8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 20 X | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.193\(c605e6r1p5t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P Smart | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.180\(c185e3r4p1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P Smart 2019 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.162\(c00e156r1p4\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P20 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.162\(c00e156r1p4\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P20 Pro | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.190\(c432e22r2p5\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P30 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.195\(c00e85r2p8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei P30 Pro | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.290\(c185e5r4p1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Y6 2019 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.290\(c636e5r3p1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Y6 Pro 2019 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.264\(c185e2r5p1t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Y9 2019 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.338\(c00e333r1p1t8\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Nova 3 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.322\(c635e8r2p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Nova Lite 3 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 9.1.0.291\(c185e3r4p1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Honor 8a | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.183\(c185e2r6p1\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Honor 8x | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.195\(c636e3r4p3\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Honor View 20 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.203\(c00e202r7p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 30 Pro | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.203\(c00e202r7p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 30 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.203\(c00e202r7p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 30 Pro 5g | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Before 10.0.0.203\(c00e202r7p2\) |
| Running on/with | Platform Versions |
|---|---|
Huawei Mate 30 5g | All versions |
References (8)
Source: security@android.com
ExploitThird Party AdvisoryVDB Entry
Source: security@android.com
Mailing ListThird Party Advisory
Source: security@android.com
Third Party Advisory
Source: security@android.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.