3774 matches found
Out-of-bounds
In setoutboundiatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...
Information disclosure
In DCRYPTOequals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...
CVE-2019-9470
In dmasblkstart of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...
CVE-2019-9472
CVE-2019-9472 describes a timing side-channel in DCRYPTO_equals (compare.c) in the Android kernel/Titan-M component, enabling local information disclosure without extra privileges and without user interaction. Public details across sources confirm the root cause as improper crypto usage, with dis...
CVE-2019-9472
In DCRYPTOequals of compare.c, there is a possible timing attack due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...
PT-2019-6115 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to an out-of-bounds write operation in the binder transaction function of the Android kernel. This could allow an attacker to escalate their privileges...
Bad Binder: Android In-The-Wild Exploit
Posted by Maddie Stone, Project Zero Introduction On October 3, 2019, we disclosed issue 1942 CVE-2019-2215, which is a use-after-free in Binder in the Android kernel. The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device. If chained with a...
DEBIAN-CVE-2019-2213
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
DEBIAN-CVE-2019-2214
In bindertransaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2019-2214
In bindertransaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2019-2213
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2019-2214
In bindertransaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2019-2213
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Race condition
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
UBUNTU-CVE-2019-2213
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
UBUNTU-CVE-2019-2214
In bindertransaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid...
CVE-2019-2213
In binderfreetransaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2019-40503)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Google Android Kernel component binder driver, which can be exploited by an attacker to elevate privileges...
Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2019-40504)
Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An elevation of privilege vulnerability exists in the Google Android Kernel component binder driver, which can be exploited by an attacker to elevate privileges...
Exploit for Use After Free in Google Android
qu1ckr00t A PoC application demonstrating the power of an Andr...