PT-2019-19667 · Google+4 · Android Kernel+4

Publicado

2019-09-03

·

Atualizado

2022-04-18

·

CVE-2019-9458

CVSS v3.1

7.0

Alta

VetorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Android kernel (affected versions not specified)
Description The issue is related to a use after free due to a race condition in the video driver of the Android kernel. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALSA-2020:4431
CESA-2020_4060
CESA-2020_4431
CESA-2020_4609
CVE-2019-9458
OPENSUSE-SU-2020:0543-1
OPENSUSE-SU-2020_0543-1
RHSA-2020:2854
RHSA-2020:4060
RHSA-2020:4062
RHSA-2020:4431
RHSA-2020:4609
RHSA-2020_4060
RHSA-2020_4062
RHSA-2020_4431
RHSA-2020_4609
SUSE-SU-2020:1084-1
SUSE-SU-2020:1085-1
SUSE-SU-2020:1087-1
SUSE-SU-2020:1118-1
SUSE-SU-2020:1119-1
SUSE-SU-2020:1123-1
SUSE-SU-2020:1141-1
SUSE-SU-2020:1142-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:1255-1
SUSE-SU-2020:1275-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:2491-1
SUSE-SU-2020:2492-1
SUSE-SU-2020:2497-1
SUSE-SU-2020:2498-1
SUSE-SU-2020:2505-1
SUSE-SU-2020:2506-1
SUSE-SU-2020:2507-1
SUSE-SU-2020:2513-1
SUSE-SU-2020:2526-1
SUSE-SU-2020:2531-1
SUSE-SU-2020_1663-1
SUSE-SU-2020_2531-1

Produtos afetados

Almalinux
Android Kernel
Centos
Red Hat
Suse