An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung IDs are SVE-2020-18088, SVE-2020-18225, SVE-2020-18301 (September 2020).
References
Link | Resource |
---|---|
https://security.samsungmobile.com/securityUpdate.smsb | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2020-09-11 15:15
Updated : 2020-09-21 05:34
NVD link : CVE-2020-25278
Mitre link : CVE-2020-25278
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
- android