UBUNTU-CVE-2019-2109
- Source
- https://ubuntu.com/security/CVE-2019-2109
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2109.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-2109
- Upstream
- Published
- 2019-07-08T18:15:00Z
- Modified
- 2025-10-24T04:47:23Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1. Android ID: A-130651570.
- References
Affected packages
Ubuntu:16.04:LTS / android
Package
- Name
- android
- Purl
- pkg:deb/ubuntu/android@20160330-0939-0ubuntu1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
Other
20150818-1500-0ubuntu2
20150818-1500-0ubuntu3
20160307-0742-0ubuntu3
20160330-0939-0ubuntu1
Ecosystem specific
{
"binaries": [
{
"binary_name": "android",
"binary_version": "20160330-0939-0ubuntu1"
},
{
"binary_name": "android-copyright",
"binary_version": "20160330-0939-0ubuntu1"
},
{
"binary_name": "android-emulator",
"binary_version": "20160330-0939-0ubuntu1"
},
{
"binary_name": "ubuntu-emulator-images",
"binary_version": "20160330-0939-0ubuntu1"
},
{
"binary_name": "ubuntu-emulator-runtime",
"binary_version": "20160330-0939-0ubuntu1"
}
]
}