Use of Uninitialized Resource
CVE-2020-0007
Summary
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141890807
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-908 - Use of Uninitialized Resource
The software uses or accesses a resource that has not been initialized.
References
Advisory Timeline
- Published
