CVE-2019-2180

Summary

In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-8.0 Android-8.1 Android-9affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References