Security Advisory

CVE-2020-8899

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-06 16:25:12

Last updated 2024-09-17 03:38:13

Assigner Google

State PUBLISHED

Description

There is a buffer overwrite vulnerability in the Quram qmg library of Samsungs Android OS versions O(8.x), P(9.0) and Q(10.0). An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an arbitrary remote code execution (RCE) without any user interaction. The Samsung ID is SVE-2020-16747.

← Browse all CVEs View on cve.org ↗