| Título | Android: Use-After-Free in Binder driver |
|---|
| Descrição | Google Android is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm (and possibly others). There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c.
CVE-2019-2215, Website contains PoC exploit, Expoit-DB: https://www.exploit-db.com/exploits/47463 |
|---|
| Fonte | ⚠️ https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 |
|---|
| Utilizador | misc (UID 3) |
|---|
| Submissão | 07/10/2019 18h57 (há 7 anos) |
|---|
| Moderação | 08/10/2019 07h21 (12 hours later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 142991 [Google Android 4.4 Binder Driver binder_poll Excesso de tampão] |
|---|
| Pontos | 20 |
|---|