PT-2019-16127 · Google+2 · Android Kernel+2

Publicado

2019-03-26

Atualizado

2019-09-02

CVE-2019-2024

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible use after free problem in the em28xx unregister dvb function of em28xx-dvb.c. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android kernel, consider applying the fix from the upstream kernel to resolve the issue.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

CVE-2019-2024

DLA-1799-1

DLA-1799-2

OPENSUSE-SU-2019:1193-1

OPENSUSE-SU-2019_1085-1

OPENSUSE-SU-2019_1193-1

SUSE-SU-2019:0765-1

SUSE-SU-2019:0767-1

SUSE-SU-2019:0784-1

SUSE-SU-2019:0785-1

SUSE-SU-2019:0801-1

SUSE-SU-2019:0828-1

SUSE-SU-2019:0901-1

SUSE-SU-2019_0801-1

USN-4094-1

USN-4118-1

Produtos afetados

Android Kernel

Suse

Ubuntu

PT-2019-16127 · Google+2 · Android Kernel+2

CVE-2019-2024

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 658