PT-2019-16133 · Google · Android
Publicado
2019-04-19
·
Atualizado
2019-04-22
·
CVE-2019-2030
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Android version 9
Description
The issue is related to a possible use after free in the
removeInterfaceAddress function of NetworkController.cpp. This could lead to remote code execution with no additional execution privileges needed. User interaction is not required for exploitation.Recommendations
For Android version 9, update to a version that includes the fix for the issue in
NetworkController.cpp, specifically addressing the removeInterfaceAddress function to prevent use after free.Correção
Use After Free
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android