- Description
- In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
- Source
- security@android.com
- NVD status
- Analyzed
- Products
- android
CVSS 3.1
- Type
- Secondary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-190
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8538774C-906D-4B03-A3E7-FA7A55E0DA9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:16.0:-:*:*:*:*:*:*",
"matchCriteriaId": "02882AB1-7993-47DD-84A0-8DF4272D85ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:16.0:qpr2_beta_1:*:*:*:*:*:*",
"matchCriteriaId": "FD695F32-4A73-4846-B1A1-04FF266E9C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:16.0:qpr2_beta_2:*:*:*:*:*:*",
"matchCriteriaId": "3DE9F018-8704-476B-8D59-F63F8486E231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:google:android:16.0:qpr2_beta_3:*:*:*:*:*:*",
"matchCriteriaId": "BE95A642-4330-4F65-B028-3BA597D30F32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]