CVE-2019-2104

Summary

In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-131356202

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-8.0 Android-8.1 Android-9affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References