In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146428941
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0198
Reference (s):
- FEDORA:FEDORA-2020-0aa0fc1b0c
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ELDZR6USD5PR34MRK2ZISLCYJ465FNKN/
- FEDORA:FEDORA-2020-e99ef3282f
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVBD5JRUQPN4LQHTAAJHA3MR5M7YTAC7/
- GENTOO:GLSA-202011-19