Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-2130

Опубликовано: 20 авг. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 10
CVSS3: 9.8

Описание

In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132073833.

РелизСтатусПримечание
bionic

not-affected

devel

not-affected

code not present
disco

ignored

end of life
eoan

not-affected

code not present
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

xenial

not-affected

Показывать по

РелизСтатусПримечание
bionic

not-affected

devel

not-affected

disco

ignored

end of life
eoan

not-affected

esm-apps/bionic

not-affected

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 78%
0.01098
Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-2130

CVSS3: 9.8
nvd
больше 6 лет назад

In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132073833.

github логотип

GHSA-4828-w5pr-7qgw

github
больше 3 лет назад

In CompilationJob::FinalizeJob of compiler.cc, there is a possible remote code execution due to type confusion. This could lead to escalation of privilege from a malicious proxy configuration with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-132073833.

EPSS

Процентиль: 78%
0.01098
Низкий

10 Critical

CVSS2

9.8 Critical

CVSS3