CVE-2020-0452Integer Overflow or Wraparound in Google Android

CWE-190Integer Overflow or WraparoundCWE-787Out-of-bounds Write9 documents8 sources
Severity
9.8CRITICALNVD
EPSS
14.9%
top 5.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Platform External LibexifLibexif Project LibexifGoogle Android+1 more
Timeline
PublishedNov 10
Latest updateMay 24

Description

In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

CVEListV5google/androidAndroid-8.1 Android-9 Android-10 Android-11 Android-8.0
NVDgoogle/android5 versions+4
Androidplatform/external_libexif11-next:011-next:2020-11-01+5
Debianlibexif_project/libexif< 0.6.22-3+3

Also affects: Fedora 32, 33

Patches

Patch: source.android.comPatch: source.android.com

🔴Vulnerability Details

4
GHSA
GHSA-xrf9-3q75-637f: In exif_entry_get_value of exif-entry2022-05-24
OSV
CVE-2020-0452: In exif_entry_get_value of exif-entry2020-11-10
CVEList
CVE-2020-0452: In exif_entry_get_value of exif-entry2020-11-10
OSV
CVE-2020-0452: In exif_entry_get_value of exif-entry2020-11-01

📋Vendor Advisories

4
Red Hat
libexif: out of bounds write due to an integer overflow in exif-entry.c2020-11-10
Ubuntu
libexif vulnerability2020-11-10
Android
CVE-2020-0452: Android Security Bulletin 2020-11-01 CVE: CVE-2020-0452 Severity: HIGH Type: RCE Affected AOSP versions: 82020-11-01
Debian
CVE-2020-0452: libexif - In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write...2020
CVE-2020-0452 — Integer Overflow or Wraparound | cvebase