Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-2025

Опубликовано: 04 мар. 2019
Источник: redhat
CVSS3: 5.1
EPSS Низкий

Описание

In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-altNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise MRG 2kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-362->CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1696020kernel: Use-after-free due to race condition in android/binder.c

EPSS

Процентиль: 48%
0.00252
Низкий

5.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-2025

CVSS3: 7.8
ubuntu
больше 6 лет назад

In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel

nvd логотип

CVE-2019-2025

CVSS3: 7.8
nvd
больше 6 лет назад

In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel

debian логотип

CVE-2019-2025

CVSS3: 7.8
debian
больше 6 лет назад

In binder_thread_read of binder.c, there is a possible use-after-free ...

github логотип

GHSA-rw3m-hc9w-4j75

github
больше 3 лет назад

In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel

EPSS

Процентиль: 48%
0.00252
Низкий

5.1 Medium

CVSS3