| Titel | Android: Use-After-Free in Binder driver |
|---|
| Beschreibung | Google Android is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm (and possibly others). There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c.
CVE-2019-2215, Website contains PoC exploit, Expoit-DB: https://www.exploit-db.com/exploits/47463 |
|---|
| Quelle | ⚠️ https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 |
|---|
| Benutzer | misc (UID 3) |
|---|
| Einreichung | 07.10.2019 18:57 (vor 7 Jahren) |
|---|
| Moderieren | 08.10.2019 07:21 (12 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 142991 [Google Android 4.4 Binder Driver binder_poll Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|