CVE-2019-2215

critical-risk

Published 2019-10-11

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095

Do I need to act?

50.8% chance of exploitation in next 30 days

EPSS score — higher than 49% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

2 public exploits available

47463, 48129

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (20)

Android

Debian Linux

Ubuntu Linux

Cloud Backup

Data Availability Services

Hci Management Node

Service Processor

Solidfire

Steelstore Cloud Integrated Storage

Solidfire Baseboard Management Controller Firmware

Aff Baseboard Management Controller Firmware

A320 Firmware

C190 Firmware

A220 Firmware

Fas2720 Firmware

Fas2750 Firmware

A800 Firmware

H300S Firmware

H500S Firmware

H700S Firmware

Affected Vendors

Debian Google Canonical Huawei Netapp

References (23)

Exploit http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html

Patch http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackwar...

Exploit http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html

Mailing List http://seclists.org/fulldisclosure/2019/Oct/38

Third Party Advisory http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-...

Mailing List https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html

Mailing List https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html

Mailing List https://seclists.org/bugtraq/2019/Nov/11

Third Party Advisory https://security.netapp.com/advisory/ntap-20191031-0005/

Vendor Advisory https://source.android.com/security/bulletin/2019-10-01

Third Party Advisory https://usn.ubuntu.com/4186-1/

Exploit http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html

Patch http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackwar...

Exploit http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html

Mailing List http://seclists.org/fulldisclosure/2019/Oct/38

Third Party Advisory http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-...

Mailing List https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html

Mailing List https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html

Mailing List https://seclists.org/bugtraq/2019/Nov/11

Third Party Advisory https://security.netapp.com/advisory/ntap-20191031-0005/

and 3 more references

/ 100

critical-risk

Severity 24/34 · High

Exploitability 32/34 · Critical

Exposure 28/34 · Critical