CVE-2020-0007

Summary

In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141890807

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-8.0affected
n/aAndroidAndroid-8.1affected
n/aAndroidAndroid-9affected
n/aAndroidAndroid-10affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References