exploitDog

CVE-2019-2188

Опубликовано: 27 сент. 2019

Источник: nvd

CVSS3: 6.4

CVSS2: 6.9

EPSS Низкий

Описание

In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112309571

Ссылки

https://source.android.com/security/bulletin/pixel/2019-09-01
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2019-09-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00011

Низкий

6.4 Medium

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-f3wj-cv4w-9cvw

CVSS3: 6.4

github

больше 3 лет назад

In the Easel driver, there is possible memory corruption due to race conditions. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112309571

EPSS

Процентиль: 1%

0.00011

Низкий

6.4 Medium

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-362