Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OPPO ColorOS 信息泄露漏洞
Vulnerability Description
OPPO ColorOS是中国OPPO广东移动通信(OPPO)公司的一套基于Android的移动设备操作系统。 OPPO ColorOS中的AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP文件存在信息泄露漏洞。攻击者可利用该漏洞获取有关栈信息的值及绕过ALSR。
CVSS Information
N/A
Vulnerability Type
N/A