| Title | Android: Use-After-Free in Binder driver |
|---|
| Description | Google Android is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges. The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm (and possibly others). There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c.
CVE-2019-2215, Website contains PoC exploit, Expoit-DB: https://www.exploit-db.com/exploits/47463 |
|---|
| Source | ⚠️ https://bugs.chromium.org/p/project-zero/issues/detail?id=1942 |
|---|
| User | misc (UID 3) |
|---|
| Submission | 10/07/2019 18:57 (7 years ago) |
|---|
| Moderation | 10/08/2019 07:21 (12 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 142991 [Google Android 4.4 Binder Driver binder_poll use after free] |
|---|
| Points | 20 |
|---|