How severe is CVE-2019-2039?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5 out of 10.

What type of vulnerability is CVE-2019-2039?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2019-2039 - MEDIUM Severity | CVSS 5

Vulnerability Description

In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-121260197.

Related Vulnerabilities

CVE-2016-7917

MEDIUM

CVSS:5.0(Medium)

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain s...

CWE-1252016

CVE-2017-6437

MEDIUM

CVSS:5.0(Medium)

The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.

CWE-1252017

CVE-2018-19020

MEDIUM

CVSS:5.0(Medium)

When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.

CWE-1252018

CVE-2019-2040

MEDIUM

CVSS:5.0(Medium)

In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privilege...

CWE-1252019

CVE-2019-9235

MEDIUM

CVSS:5.0(Medium)

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed...

CWE-1252019

CVE-2019-9236

MEDIUM

CVSS:5.0(Medium)

CWE-1252019