In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A
References
Link | Resource |
---|---|
https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html | Mailing List Third Party Advisory |
https://source.android.com/security/bulletin/2020-10-01 | Vendor Advisory |
Configurations
History
28 Apr 2022, 18:23
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html - Mailing List, Third Party Advisory | |
CWE | CWE-416 | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
Information
Published : 2020-10-14 14:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-0423
Mitre link : CVE-2020-0423
CVE.ORG link : CVE-2020-0423
JSON object : View
Products Affected
debian
- debian_linux
- android