Improper Resource Shutdown or Release
CVE-2020-0414
Summary
In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non-silenced audio buffer due to a permissions bypass. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-157708122
- LOW
- NETWORK
- NONE
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- NONE
CWE-404 - Improper Resource Shutdown or Release
The program does not release or incorrectly releases a resource before it is made available for re-use.
References
Advisory Timeline
- Published