Candidate: CVE-2019-2128
PublicDate: 2019-08-20 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2128
 https://source.android.com/security/bulletin/2019-08-01
Description:
 In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write due
 to a missing bounds check. This could lead to local escalation of privilege
 with no additional execution privileges needed. User interaction is not
 needed for exploitation. Product: Android. Versions: Android-7.0
 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID:
 A-132647222.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_vo-amrwbenc:
upstream_vo-amrwbenc: needs-triage
precise/esm_vo-amrwbenc: DNE
trusty_vo-amrwbenc: ignored (out of standard support)
trusty/esm_vo-amrwbenc: DNE
xenial_vo-amrwbenc: ignored (end of standard support, was needed)
bionic_vo-amrwbenc: needed
disco_vo-amrwbenc: ignored (reached end-of-life)
eoan_vo-amrwbenc: ignored (reached end-of-life)
focal_vo-amrwbenc: needed
groovy_vo-amrwbenc: ignored (reached end-of-life)
hirsute_vo-amrwbenc: ignored (reached end-of-life)
impish_vo-amrwbenc: needed
jammy_vo-amrwbenc: needed
devel_vo-amrwbenc: needed