| عنوان | Android: Use-After-Free in Binder driver |
|---|
| الوصف | Google Android is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm (and possibly others). There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c.
CVE-2019-2215, Website contains PoC exploit, Expoit-DB: https://www.exploit-db.com/exploits/47463 |
|---|
| المصدر | ⚠️ https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 |
|---|
| المستخدم | misc (UID 3) |
|---|
| ارسال | 07/10/2019 06:57 PM (7 سنوات منذ) |
|---|
| الاعتدال | 08/10/2019 07:21 AM (12 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 142991 [Google Android 4.4 Binder Driver binder_poll تلف الذاكرة] |
|---|
| النقاط | 20 |
|---|