Integer Overflow Vulnerability in sec_media_protect of media.c

Integer Overflow Vulnerability in sec_media_protect of media.c

CVE-2022-20598 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In sec_media_protect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242357514References: N/A

Learn more about our Cis Benchmark Audit For Google Android.