Main Vulnerability Database SB2020010832

SB2020010832 - Input validation error in Google, Google Android

Published: January 8, 2020 Updated: August 8, 2020

Security Bulletin ID SB2020010832

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Input validation error (CVE-ID: CVE-2014-9908)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).

Remediation

Install update from vendor's website.

References

http://www.securityfocus.com/bid/94167
https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2
https://source.android.com/security/bulletin/2016-11-01.html
https://vuldb.com/?id.93449