Unrated severityNVD Advisory· Published Mar 10, 2020· Updated Aug 4, 2024
CVE-2020-0034
CVE-2020-0034
Description
In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1Android ID: A-62458770
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14- Android/Androiddescription
- Range: 8.0, 8.1
- osv-coords12 versionspkg:rpm/opensuse/libvpx&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/libvpx&distro=openSUSE%20Tumbleweedpkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP1pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/libvpx&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
< 1.6.1-lp151.5.6.1+ 11 more
- (no CPE)range: < 1.6.1-lp151.5.6.1
- (no CPE)range: < 1.11.0-3.1
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.6.1-6.6.8
- (no CPE)range: < 1.3.0-3.9.1
- (no CPE)range: < 1.3.0-3.9.1
- (no CPE)range: < 1.3.0-3.9.1
- (no CPE)range: < 1.3.0-3.9.1
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2020-05/msg00048.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.debian.org/debian-lts-announce/2021/11/msg00024.htmlmitremailing-listx_refsource_MLIST
- source.android.com/security/bulletin/2020-03-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.