CVE-2020-0004

Medium CVSS 5.5

Overview

In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120847476

CWE: CWE-755 Published: 2020-01-08T19:15:13.140

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.5 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags