Home > Vulnerability Database > CVE-2020-0004

Mend.io Vulnerability Database

CVE-2020-0004

Good to know:

Date: January 8, 2020

In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image exceeding maximum texture size. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120847476

Language: Java

Severity Score

5.5

Related Resources (3)

Url: https://source.android.com/security/bulletin/2020-01-01

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-0004

Url: https://www.mend.io/vulnerability-database/CVE-2020-0004

Severity Score

5.5

Weakness Type (CWE)

Input Validation

CWE-20

Improper Handling of Exceptional Conditions

CWE-755

Top Fix

Upgrade Version

Upgrade to version android-8.0.0_r42,android-8.1.0_r72,android-9.0.0_r52,android-10.0.0_r21

Learn More

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	4.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-0004

Good to know:

Date: January 8, 2020

Language: Java

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?