CVE-2019-2118
Publication date 8 July 2019
Last updated 14 July 2025
Ubuntu priority
Cvss 3 Severity Score
Description
In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-130161842.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| android | ||
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored end of standard support, was needed | |
| 14.04 LTS trusty | Not in release |
Notes
Severity score breakdown
CVSS version: CVSS v3.0
Base score
5.5 · Medium
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N