In libexif, v’è un possibile fuori limite scrittura a causa di un overflow integer. Questo potrebbe portare a un’escalation a distanza di privilegi nel fornitore di contenuti multimediali senza privilegi di esecuzione aggiuntivi necessari. L’interazione dell’utente è necessaria per lo sfruttamento. Prodotto: AndroidVersions: Android-10Android ID: A-112537774
https://seclists.org/bugtraq/2020/Feb/9
https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566
https://github.com/libexif/libexif/issues/26
https://www.debian.org/security/2020/dsa-4618
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MO2VTHD7OLPJDCJBHKUQTBAHZOBBCF6X/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VA5BPQLOFXIZOOJHBYDU635Z5KLUMTDD/
https://security.gentoo.org/glsa/202007-05
https://source.android.com/security/bulletin/android-10
https://lists.debian.org/debian-lts-announce/2020/02/msg00007.html
http://www.openwall.com/lists/oss-security/2019/10/25/17
http://www.openwall.com/lists/oss-security/2019/10/27/1
http://www.openwall.com/lists/oss-security/2019/11/07/1
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html
https://usn.ubuntu.com/4277-1/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9278
