Launchpad CVE tracker

CVE 2019-9371

In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254

Related bugs and status

CVE-2019-9371 (Candidate) is related to these bugs:

Bug #2004523: [MIR] libwebm (transitive dependency of libheif)[libheif -> aom -> libwebm]

Summary				In	Importance	Status
	2004523	[MIR] libwebm (transitive dependency of libheif)[libheif -> aom -> libwebm]		libwebm (Ubuntu)	Undecided	In Progress
	2004523	[MIR] libwebm (transitive dependency of libheif)[libheif -> aom -> libwebm]		libwebm (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://source.android...
MLIST: [oss-security] 2019102...
MLIST: [oss-security] 2019102...
MLIST: [oss-security] 2019110...
UBUNTU: USN-4199-1
BUGTRAQ: 20191128 [SECURITY] [D...
DEBIAN: DSA-4578
FEDORA: FEDORA-2020-65eac1b48b
FEDORA: FEDORA-2020-6cd410d9e4
SUSE: openSUSE-SU-2020:0105
GENTOO: GLSA-202003-59

Launchpad.net

CVE 2019-9371

Related bugs and status

Related bugs

References