VYPR
Unrated severityNVD Advisory· Published Nov 10, 2020· Updated Aug 4, 2024

CVE-2020-0438

CVE-2020-0438

Description

In the AIBinder_Class constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinder_ndk in a vulnerable way with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-161812320

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Android/Androiddescription
  • Google/Androidllm-fuzzy
    Range: Android-10, Android-11

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.