A flaw was found in the Linux kernel’s Android compatibility functionality. A local attacker can abuse a use-after-free flaw in the Android binder code to corrupt memory or possibly escalate privileges.

Mitigation

There is no mitigation required for this flaw as it does not affect shipping Red Hat Enterprise Linux kernels.

References

bugzilla.redhat.com/show_bug.cgi?id=1805822

nvd.nist.gov/vuln/detail/CVE-2019-2215

www.cve.org/CVERecord?id=CVE-2019-2215

thn 6

zdt 2

exploitpack 1

githubexploit 10

packetstorm 2

prion 1

attackerkb 1

symantec 1

huawei 1

checkpoint_advisories 1

threatpost 6

metasploit 1

cve 1

debiancve 1

ubuntucve 2

googleprojectzero 5

exploitdb 2

trendmicroblog 1

cisa_kev 3

qualysblog 1

androidsecurity 1

fireeye 1

impervablog 1

github 1

openvas 7

ubuntu 2

nessus 7

slackware 1

debian 2

osv 2

thn

Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique

2023-05-09 09:39:00

3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group

2020-01-07 16:41:00

New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild

2019-10-04 09:03:00

zdt

Android Binder - Use-After-Free Exploit

2020-02-24 00:00:00

Android - Binder Driver Use-After-Free Exploit

2019-10-04 00:00:00

exploitpack

Android - Binder Driver Use-After-Free

2019-10-04 00:00:00

githubexploit

Exploit for Use After Free in Google Android

2019-10-04 06:32:08

Exploit for Use After Free in Google Android

2021-05-07 16:48:40

Exploit for Use After Free in Google Android

2021-02-05 06:23:28

packetstorm

Android Binder Use-After-Free

2019-10-18 00:00:00

Android Binder Use-After-Free

2020-02-24 00:00:00

prion

Design/Logic Flaw

2019-10-11 19:15:00

attackerkb

CVE-2019-2215

2019-10-11 00:00:00

symantec

Google Android Binder CVE-2019-2215 Local Privilege Escalation Vulnerability

2019-10-02 00:00:00

huawei

Security Advisory - Use-after-free Vulnerability in Android Kernel

2019-10-30 00:00:00

checkpoint_advisories

Android Binder Use After Free (CVE-2019-2215)

2020-01-15 00:00:00

threatpost

Google Warns of Android Zero-Day Bug Under Active Attack

2019-10-04 16:20:54

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

2020-12-09 19:53:13

A Brisk Private Trade in Zero-Days Widens Their Use

2020-04-06 21:05:06

metasploit

Android Binder Use-After-Free Exploit

2019-10-17 10:48:49

cve

CVE-2019-2215

2019-10-11 19:15:00

debiancve

CVE-2019-2215

2019-10-11 19:15:00

ubuntucve

CVE-2019-2215

2019-10-11 00:00:00

CVE-2020-0030

2020-02-13 00:00:00

googleprojectzero

Bad Binder: Android In-The-Wild Exploit

2019-11-21 00:00:00

A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain

2022-11-04 00:00:00

Root Cause Analyses for 0-day In-the-Wild Exploits

2020-07-29 00:00:00

exploitdb

Android Binder - Use-After-Free (Metasploit)

2020-02-24 00:00:00

Android - Binder Driver Use-After-Free

2019-10-04 00:00:00

trendmicroblog

This Week in Security News: INTERPOL Collaboration Reduces Cryptojacking by 78% and Three Malicious Apps Found on Google Play May be Linked to SideWinder APT Group

2020-01-10 13:37:59

cisa_kev

Android Kernel Out-of-Bounds Write Vulnerability

2021-11-03 00:00:00

Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability

2021-11-03 00:00:00

Android Kernel Use-After-Free Vulnerability

2021-11-03 00:00:00

qualysblog

Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR

2021-02-10 21:17:00

androidsecurity

Pixel Update Bulletin—October 2019

2019-10-07 00:00:00

fireeye

Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One

2020-04-06 00:00:00

impervablog

The State of Vulnerabilities in 2019

2020-01-23 08:56:58

github

Pwning the all Google phone with a non-Google bug

2023-01-23 15:05:19

openvas

Ubuntu Update for linux USN-4186-1

2019-11-13 00:00:00

Ubuntu Update for linux USN-4186-3

2019-11-14 00:00:00

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2693)

2020-01-23 00:00:00

ubuntu

Linux kernel vulnerability

2019-11-13 00:00:00

Linux kernel vulnerabilities

2019-11-13 00:00:00

nessus

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4186-1)

2019-11-13 00:00:00

Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)

2019-11-08 00:00:00

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2693)

2019-12-23 00:00:00

slackware

[slackware-security] Slackware 14.2 kernel

2019-11-07 22:31:40

debian

[SECURITY] [DLA 2068-1] linux security update

2020-01-18 04:38:12

[SECURITY] [DLA 2114-1] linux-4.9 security update

2020-03-02 18:14:56

osv

linux - security update

2020-01-17 00:00:00

linux-4.9 - security update

2020-02-21 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for RH:CVE-2019-2215