{"containers": {"cna": {"affected": [{"product": "Color OS", "vendor": "Oppo", "versions": [{"status": "affected", "version": "6"}, {"status": "affected", "version": "7"}]}], "descriptions": [{"lang": "en", "value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-21T13:42:04.000Z", "orgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695", "shortName": "OPPO"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@oppo.com", "ID": "CVE-2020-11828", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Color OS", "version": {"version_data": [{"version_value": "6"}, {"version_value": "7"}]}}]}, "vendor_name": "Oppo"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033", "refsource": "CONFIRM", "url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:42:00.696Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"}]}]}, "cveMetadata": {"assignerOrgId": "7f2b1ad8-5432-4d64-91a1-9099af1cc695", "assignerShortName": "OPPO", "cveId": "CVE-2020-11828", "datePublished": "2020-04-21T13:42:04.000Z", "dateReserved": "2020-04-16T00:00:00.000Z", "dateUpdated": "2024-08-04T11:42:00.696Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oppo:coloros:-:*:*:*:*:*:*:*", "matchCriteriaId": "364D0530-68D3-4564-8328-B45C4631C253", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR."}, {"lang": "es", "value": "En ColorOS (sistema operativo de telefon\u00eda m\u00f3vil oppo, basado en c\u00f3digo surfaceflinger.CPP de position/services/surfaceflinger del frameworks/native de AOSP), RGB es definido en la pila (stack) pero no es inicializado, por eso cuando la funci\u00f3n screenShot en la asignaci\u00f3n del valor de RGB, no inicializar\u00e1 el valor que es devuelto a los atacantes, conllevando a que unos valores en la pila filtren informaci\u00f3n, la vulnerabilidad puede ser usada para omitir la funcionalidad ALSR por los atacantes."}], "id": "CVE-2020-11828", "lastModified": "2024-11-21T04:58:42.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-21T14:15:11.223", "references": [{"source": "security@oppo.com", "tags": ["Third Party Advisory"], "url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033"}], "sourceIdentifier": "security@oppo.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-908"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}