VDB
CVE-2019-9371
CVE-2019-9371
PUBLISHED
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254
EPSS 8.60% · 92.6th percentile
Risk Scores
EPSS Score
8.60%
92.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | libvpx | 0, 1.7.0-3, 1.6.1-3 |
Exploit Intelligence
- https://source.android.com/security/bulletin/android-10 (circl)
- [oss-security] 20191025 Security fixes from Android 10 release which are relevant outside the Android ecosystem? (circl)
- [oss-security] 20191026 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? (circl)
- [oss-security] 20191107 Re: Security fixes from Android 10 release which are relevant outside the Android ecosystem? (circl)
- USN-4199-1 (circl)
- 20191128 [SECURITY] [DSA 4578-1] libvpx security update (circl)
- DSA-4578 (circl)
- FEDORA-2020-65eac1b48b (circl)
- FEDORA-2020-6cd410d9e4 (circl)
- openSUSE-SU-2020:0105 (circl)
…and 1 more exploits
Timeline
- Aug 21, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- Jul 14, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-9371 third-party-advisory
- https://www.openwall.com/lists/oss-security/2019/11/07/1 third-party-advisory
- https://chromium.googlesource.com/webm/libwebm/+/cb5a9477073cf7ae4a28356d6e3e5638aba78dc9 third-party-advisory
- https://chromium.googlesource.com/webm/libwebm/+/027a472efe49ff3a24be619442d2150658dbaaa0 third-party-advisory
- https://ubuntu.com/security/notices/USN-4199-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-9371 third-party-advisory