4 matches found
CVE-2020-0438
In the AIBinderClass constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinderndk in a vulnerable way with no additional execution privileges needed. User interaction is no...
Code injection
In the AIBinderClass constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinderndk in a vulnerable way with no additional execution privileges needed. User interaction is no...
CVE-2020-0438
CVE-2020-0438 affects Android via the AIBinder_Class constructor in ibinder.cpp (libbinder_ndk). It enables potential arbitrary code execution and local privilege escalation without user interaction, when a vulnerable process uses the component. Documented impact includes local escalation of priv...
CVE-2020-0438
In the AIBinderClass constructor of ibinder.cpp, there is a possible arbitrary code execution due to uninitialized data. This could lead to local escalation of privilege if a process were using libbinderndk in a vulnerable way with no additional execution privileges needed. User interaction is no...