CVE-2019-2201
Description
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.083
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_1.4.2-0ubuntu3.3_i386.deb | Linux |
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_1.4.2-0ubuntu3.3_amd64.deb | Linux |
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_2.0.1-0ubuntu2.2_i386.deb | Linux |
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_2.0.1-0ubuntu2.2_amd64.deb | Linux |
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_1.5.2-0ubuntu5.18.04.3_i386.deb | Linux |
| library for handling JPEG files (USN-4190-1) libjpeg-turbo8_1.5.2-0ubuntu5.18.04.3_amd64.deb | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg-turbo-1.5.3-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg-turbo-debuginfo-1.5.3-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg-turbo-debugsource-1.5.3-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-62.2.0-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-32bit-62.2.0-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-debuginfo-62.2.0-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-debuginfo-32bit-62.2.0-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-turbo-1.5.3-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg62-turbo-debugsource-1.5.3-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg8-8.1.2-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg8-32bit-8.1.2-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg8-debuginfo-8.1.2-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libjpeg8-debuginfo-32bit-8.1.2-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libturbojpeg0-8.1.2-31.19.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2972-1(SUSE Linux Enterprise Desktop 12-SP4 ) libturbojpeg0-debuginfo-8.1.2-31.19.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234