Lucene search
K

29 matches found

Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.5 views

PT-2023-29871 · Kernelsu · Kernelsu

Name of the Vulnerable Software and Affected Versions: KernelSU versions 0.6.1 through 0.6.x Description: The issue arises from a flaw in the signature verification logic of KernelSU, allowing malware with specially constructed app signing blocks to gain root privileges on infected devices. This...

5.7CVSS5.7AI score0.00173EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/10/30 12:0 a.m.5 views

KernelSU Security Vulnerability

kernelsu is a kernel-based solution for obtaining root privileges on Android devices. A security vulnerability exists in KernelSU versions prior to 0.6.1 to 0.7.0, which stems from a vulnerability that allows an attacker to take over root privileges on a device by building the application signing...

5.7CVSS6.7AI score0.00173EPSS
Exploits0References9
NVD
NVD
added 2023/10/11 12:15 p.m.35 views

CVE-2023-5521

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9...

9.8CVSS7.8AI score0.00582EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/11 12:0 p.m.16 views

CVE-2023-5521 Incorrect Authorization in tiann/kernelsu

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9...

7.3CVSS6.8AI score0.00582EPSS
Exploits1References2
CVE
CVE
added 2023/10/11 12:0 p.m.115 views

CVE-2023-5521

CVE-2023-5521 concerns the tiann/kernelsu project. Multiple connected sources confirm an incorrect authorization flaw in KernelSU prior to v0.6.9 that enables a root takeover via manipulation of the signing blocks in APKs. The root cause is described as improper authorization checks during app si...

9.8CVSS7.7AI score0.00582EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/10/11 12:0 p.m.38 views

CVE-2023-5521 Incorrect Authorization in tiann/kernelsu

Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9...

7.3CVSS9.8AI score0.00582EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/10/11 12:0 a.m.9 views

PT-2023-32151 · Tiann · Kernelsu

Name of the Vulnerable Software and Affected Versions: tiann/kernelsu versions prior to 0.6.9 Description: The issue concerns incorrect authorization in the tiann/kernelsu GitHub repository. This allows for root takeover via signature spoofing. Recommendations: For versions prior to 0.6.9, update...

9.8CVSS7.2AI score0.00582EPSS
Exploits1References9
CNNVD
CNNVD
added 2023/10/11 12:0 a.m.6 views

kernelsu Security Vulnerabilities

kernelsu is a kernel-based solution for obtaining root privileges on Android devices. A security vulnerability exists in kernelsu versions prior to v0.6.9, which stems from incorrect application authorization...

9.8CVSS6.8AI score0.00582EPSS
Exploits1References3
Huntr
Huntr
added 2023/10/08 2:24 p.m.26 views

Root takeover via signature spoofing

Description When an app requests "CMDBECOMEMANAGER" via prctl, couple of checks done before promoting uid as root manager. Main check relies on requester's signature. Signature control is done in checkv2signature function in kernel\apksign.c, this function accepts both V2 and V3 signatures...

7.5CVSS7.1AI score0.00582EPSS
Exploits1References1
Rows per page
Query Builder