Intrusion Prevention

Android.HEVC.Library.Out.of.Bounds.Write

Description

This indicates an attack attempt to exploit an Out Of Bounds write vulnerability in Android.
The vulnerability is due to a missing bounds check. This could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.

Affected Products

Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
https://source.android.com/security/bulletin/2019-07-01

CVE References

CVE-2019-2107