VDB
CVE-2020-0081
CVE-2020-0081
PUBLISHED
CVSS 7.199999809265137 HIGH
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144028297
EPSS 0.05% · 14.7th percentile
Risk Scores
CVSS v2.0
7.199999809265137
EPSS Score
0.05%
14.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Android | Android-8.0 Android-8.1 Android-9 Android-10 |
| fedoraproject | fedora | 32 |
| android | 8.0, 9.0, 10.0 |
Timeline
- Apr 7, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://source.android.com/security/bulletin/2020-04-01 url
- FEDORA-2020-c9863904de vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-0081 advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KC6HLX5SG4PZO6Y54D2LFJ4ATG76BKOP url
- https://source.android.com/security/bulletin/pixel/2020-04-01 advisory