CVE-2019-2049

Summary

In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9 Android ID: A-120445479

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-9affected

Weaknesses

  • Elevation of privilege

ADP Enrichment

CVE Program Container

Additional References

References