Google Android 'Framework' Component Multiple Remote Code Execution Vulnerabilities

Bugtraq ID:	106842
Class:	Unknown
CVE:	CVE-2019-1986 CVE-2019-1987 CVE-2019-1988
Remote:	Yes
Local:	No
Published:	Feb 04 2019 12:00AM
Updated:	Feb 04 2019 12:00AM
Credit:	The vendor reported this issue.
Vulnerable:	Google Pixel XL 0 Google Pixel C 0 Google Pixel 0 Google Nexus 9 Google Nexus 7 Google Nexus 6P Google Nexus 6 Google Nexus 5X Google Nexus 10 Google Android 7.1.1 Google Android 9.0 Google Android 8.1 Google Android 8.0 Google Android 7.1.2 Google Android 7.0
Not Vulnerable:

Google Android 'Framework' Component Multiple Remote Code Execution Vulnerabilities

Google Android is prone to multiple remote code-execution vulnerabilities.

Attackers can exploit these issues to execute arbitrary code in the context of a privileged process. Failed attacks may cause a denial-of-service condition.

These issues are being tracked by Android Bug IDs A-117838472, A-118143775, A-118372692.

Google Android 'Framework' Component Multiple Remote Code Execution Vulnerabilities

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Google Android 'Framework' Component Multiple Remote Code Execution Vulnerabilities

Solution:
Updates are available. Please see the references or vendor advisory for more information.