CVE-2019-2215
Description
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
54.468
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4186-1) linux-image-aws_4.4.0.1098.102_amd64.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-kvm_4.4.0.1062.62_amd64.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-1062-kvm_4.4.0-1062.69_amd64.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-1098-aws_4.4.0-1098.109_amd64.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-168-generic_4.4.0-168.197_i386.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-168-generic_4.4.0-168.197_amd64.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-168-lowlatency_4.4.0-168.197_i386.deb | Linux |
| Linux kernel (USN-4186-1) linux-image-4.4.0-168-lowlatency_4.4.0-168.197_amd64.deb | Linux |
| Use After Free Vulnerability (CVE-2019-2215) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234