suse · CVE-2019-2201

Quick triage

Priority: high Published: 2021-05-30 14:21:17 UTC Updated: 2026-03-05 06:31:04 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2019-2201 severity important: SUSE including 309 source package names (0.38.1:libjpeg8-8.1.2-5.12.1, 0.45.0.7.7.1:libjpeg8-8.1.2-5.12.1, …), 545 product×package rows across 92 product lines (Container bci/openjdk, Container bci/openjdk-devel, … (92 product lines)): Fixed 314, Known Affected 231.

Description:

In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-120551338

cvelogic Threat Intelligence