Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2020-0030
HistoryFeb 13, 2020 - 12:00 a.m.

CVE-2020-0030

2020-02-1300:00:00
ubuntu.com
ubuntu.com
10

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

In binder_thread_release of binder.c, there is a possible use after free
due to a race condition. This could lead to local escalation of privilege
with no additional execution privileges needed. User interaction is not
needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
A-145286050References: Upstream kernel

Notes

Author Note
cascardo This seems to be like that since binder was added to the kernel, ie., binder would allow the thread to be freed while its wait member was still in the epoll waitqueue. Description was taken from patch’s comment, as it describes the specific race condition that makes this different from CVE-2019-2215. I added the first sentence which would be a fair description of both this CVE and CVE-2019-2215.

Related

prion 2
symantec 1
attackerkb 1
huawei 1
thn 6
zdt 2
packetstorm 2
githubexploit 10
exploitpack 1
checkpoint_advisories 1
threatpost 6
cve 2
debiancve 2
metasploit 1
redhatcve 2
googleprojectzero 5
ubuntucve 1
exploitdb 2
cisa_kev 3
trendmicroblog 1
qualysblog 1
fireeye 1
androidsecurity 1
impervablog 1
github 1
openvas 7
ubuntu 2
nessus 7
slackware 1
osv 2
debian 2
prion
prion
Design/Logic Flaw
2019-10-11 19:15:00
Race condition
2020-02-13 15:15:00
symantec
symantec
Google Android Binder CVE-2019-2215 Local Privilege Escalation Vulnerability
2019-10-02 00:00:00
attackerkb
attackerkb
CVE-2019-2215
2019-10-11 00:00:00
huawei
huawei
Security Advisory - Use-after-free Vulnerability in Android Kernel
2019-10-30 00:00:00
thn
thn
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
2023-05-09 09:39:00
3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group
2020-01-07 16:41:00
New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild
2019-10-04 09:03:00
zdt
zdt
Android Binder - Use-After-Free Exploit
2020-02-24 00:00:00
Android - Binder Driver Use-After-Free Exploit
2019-10-04 00:00:00
packetstorm
packetstorm
Android Binder Use-After-Free
2019-10-18 00:00:00
Android Binder Use-After-Free
2020-02-24 00:00:00
githubexploit
githubexploit
Exploit for Use After Free in Google Android
2019-10-04 06:32:08
Exploit for Use After Free in Google Android
2021-05-07 16:48:40
Exploit for Use After Free in Google Android
2021-02-05 06:23:28
exploitpack
exploitpack
Android - Binder Driver Use-After-Free
2019-10-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Android Binder Use After Free (CVE-2019-2215)
2020-01-15 00:00:00
threatpost
threatpost
Google Warns of Android Zero-Day Bug Under Active Attack
2019-10-04 16:20:54
SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign
2020-12-09 19:53:13
A Brisk Private Trade in Zero-Days Widens Their Use
2020-04-06 21:05:06
cve
cve
CVE-2019-2215
2019-10-11 19:15:00
CVE-2020-0030
2020-02-13 15:15:00
debiancve
debiancve
CVE-2019-2215
2019-10-11 19:15:00
CVE-2020-0030
2020-02-13 15:15:00
metasploit
metasploit
Android Binder Use-After-Free Exploit
2019-10-17 10:48:49
redhatcve
redhatcve
CVE-2020-0030
2020-04-30 13:40:08
CVE-2019-2215
2020-02-21 15:44:29
googleprojectzero
googleprojectzero
Bad Binder: Android In-The-Wild Exploit
2019-11-21 00:00:00
A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
2022-11-04 00:00:00
Root Cause Analyses for 0-day In-the-Wild Exploits
2020-07-29 00:00:00
ubuntucve
ubuntucve
CVE-2019-2215
2019-10-11 00:00:00
exploitdb
exploitdb
Android - Binder Driver Use-After-Free
2019-10-04 00:00:00
Android Binder - Use-After-Free (Metasploit)
2020-02-24 00:00:00
cisa_kev
cisa_kev
Android Kernel Use-After-Free Vulnerability
2021-11-03 00:00:00
Android Kernel Out-of-Bounds Write Vulnerability
2021-11-03 00:00:00
Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability
2021-11-03 00:00:00
trendmicroblog
trendmicroblog
This Week in Security News: INTERPOL Collaboration Reduces Cryptojacking by 78% and Three Malicious Apps Found on Google Play May be Linked to SideWinder APT Group
2020-01-10 13:37:59
qualysblog
qualysblog
Expand Your Vulnerability & Patch Management Program to Mobile Devices with Qualys VMDR
2021-02-10 21:17:00
fireeye
fireeye
Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill β€” Intelligence for Vulnerability Management, Part One
2020-04-06 00:00:00
androidsecurity
androidsecurity
Pixel Update Bulletinβ€”October 2019
2019-10-07 00:00:00
impervablog
impervablog
The State of Vulnerabilities in 2019
2020-01-23 08:56:58
github
github
Pwning the all Google phone with a non-Google bug
2023-01-23 15:05:19
openvas
openvas
Ubuntu: Security Advisory (USN-4186-1)
2019-11-13 00:00:00
Slackware: Security Advisory (SSA:2019-311-01)
2022-04-21 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2693)
2020-01-23 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2019-11-13 00:00:00
Linux kernel vulnerabilities
2019-11-13 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4186-1)
2019-11-13 00:00:00
Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)
2019-11-08 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2693)
2019-12-23 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-11-07 22:31:40
osv
osv
linux - security update
2020-01-17 00:00:00
linux-4.9 - security update
2020-02-21 00:00:00
debian
debian
[SECURITY] [DLA 2068-1] linux security update
2020-01-18 04:38:12
[SECURITY] [DLA 2114-1] linux-4.9 security update
2020-03-02 18:14:56

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON
Related for UB:CVE-2020-0030
prion2symantec1attackerkb1huawei1thn6zdt2packetstorm2githubexploit10exploitpack1checkpoint_advisories1threatpost6cve2debiancve2metasploit1redhatcve2googleprojectzero5ubuntucve1exploitdb2cisa_kev3trendmicroblog1qualysblog1fireeye1androidsecurity1impervablog1github1openvas7ubuntu2nessus7slackware1osv2debian2