exploitDog

GHSA-x9xh-3ffc-hr3f

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789.

In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789.

Ссылки

EPSS

Процентиль: 75%

0.00889

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-416

Связанные уязвимости

CVE-2019-2030

CVSS3: 9.8

nvd

почти 7 лет назад

In removeInterfaceAddress of NetworkController.cpp, there is a possible use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-119496789.

EPSS

Процентиль: 75%

0.00889

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-416