CVE-2020-12485

Summary

The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device.

Affected Software

VendorProductVersion RangeStatus
vivoThe frame touch moduleunspecified < PD2012_1.4.0affected
vivoThe frame touch moduleunspecified < PD1965EF_EX_EU_4.4.0affected
vivoThe frame touch moduleunspecified < PD2001F_EX_1.6.0affected
vivoThe frame touch moduleunspecified < PD1968F_EX_1.10.1affected
vivoThe frame touch moduleunspecified < PD1962_1.7.6affected
vivoThe frame touch moduleunspecified < PD1981_1.5.0affected
vivoThe frame touch moduleunspecified < PD2006F_EX_1.6.2affected

Weaknesses

  • CWE-125: CWE-125 Out-of-bounds Read

ADP Enrichment

CVE Program Container

Additional References

References