Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2020-0009
HistoryJan 08, 2020 - 4:15 p.m.

CVE-2020-0009

2020-01-0816:15:00
CWE-276
[email protected]
web.nvd.nist.gov
142
4
cve-2020-0009
ashmem.c
permissions bypass
shared memory
local escalation
android kernel
security vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

14.5%

JSON

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932

Social References

More

Related

debiancve 1
packetstorm 1
symantec 1
zdt 3
prion 1
ubuntucve 1
nessus 8
slackware 1
openvas 1
osv 1
debian 2
androidsecurity 1
debiancve
debiancve
CVE-2020-0009
2020-01-08 16:15:00
packetstorm
packetstorm
Android ashmem Read-Only Bypasses
2020-01-10 00:00:00
symantec
symantec
Google Android Kernel Component CVE-2020-0009 Local Privilege Escalation Vulnerability
2020-01-06 00:00:00
zdt
zdt
Android - ashmem Readonly Bypasses via remap_file_pages() and ASHMEM_UNPIN Exploit
2020-01-15 00:00:00
Android ashmem Read-Only Bypasses Exploit
2020-01-10 00:00:00
WeChat - Memory Corruption in CAudioJBM::InputAudioFrameToJBM Exploit
2020-01-14 00:00:00
prion
prion
Memory corruption
2020-01-08 16:15:00
ubuntucve
ubuntucve
CVE-2020-0009
2020-01-08 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1920)
2020-09-02 00:00:00
EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2020-2443)
2020-11-06 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : kernel (EulerOS-SA-2020-1892)
2020-08-28 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-03-26 23:13:28
openvas
openvas
Debian LTS: Security Advisory for linux (DLA-2241-1)
2020-06-10 00:00:00
osv
osv
linux - security update
2020-06-09 00:00:00
debian
debian
[SECURITY] [DLA 2241-2] linux security update
2020-06-10 10:55:44
[SECURITY] [DLA 2241-1] linux security update
2020-06-09 21:29:32
androidsecurity
androidsecurity
Pixel Update Bulletin—January 2020
2020-01-06 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.6 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

14.5%

JSON
Related for CVE-2020-0009
debiancve1packetstorm1symantec1zdt3prion1ubuntucve1nessus8slackware1openvas1osv1debian2androidsecurity1