CVE Vulnerabilities

CVE-2020-0189

Loop with Unreachable Exit Condition ('Infinite Loop')

Published: Jun 11, 2020 | Modified: Jun 15, 2020
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-139939283

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name Vendor Start Version End Version
Android Google 10.0 10.0

References