In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-117838472.
android.googlesource.com/platform/external/skia/+/15c377e6230b060d54c43247a0a261ff7c73553b
android.googlesource.com/platform/external/skia/+/8157d73fb620bc463eb26e974fe92d3259e7545a
nvd.nist.gov/vuln/data-feeds
source.android.com/security/bulletin/2019-02-01.html
source.android.com/security/overview/acknowledgements
www.theregister.co.uk/2019/02/07/android_january_patches/