Vulnerability Details CVE-2020-0002
In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-142602711
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References