Android-8.0 Access of Resource Using Incompatible Type (‘Type Confusion’) Vulnerability
In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out of bounds write due to type confusion.
The information has been provided by Vendor
The original article can be found at:https://source.android.com/security/bulletin/2020-07-01
This could lead to remote code execution when processing a proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android.