| 제목 | Android: Use-After-Free in Binder driver |
|---|
| 설명 | Google Android is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm (and possibly others). There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c.
CVE-2019-2215, Website contains PoC exploit, Expoit-DB: https://www.exploit-db.com/exploits/47463 |
|---|
| 원천 | ⚠️ https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 |
|---|
| 사용자 | misc (UID 3) |
|---|
| 제출 | 2019. 10. 07. PM 06:57 (7 연령 ago) |
|---|
| 모더레이션 | 2019. 10. 08. AM 07:21 (12 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 142991 [Google Android 4.4 Binder Driver binder_poll 메모리 손상] |
|---|
| 포인트들 | 20 |
|---|