PT-2019-5695 · Google+5 · Android Kernel+5

Elena Petrova

·

Publicado

2019-10-03

·

Atualizado

2022-10-25

·

CVE-2020-0427

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Android kernel versions (affected versions not specified)
Description The issue is related to the create pinctrl function in core.c, which is part of the Android operating system. It involves a use after free error, potentially leading to an out of bounds read. This could result in local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416CWE-125

Identificadores relacionados

ALSA-2021:4356
BDU:2020-05785
CESA-2021_0856
CESA-2021_4140
CESA-2021_4356
CVE-2020-0427
DLA-2494-1
LSN-0074-1
OPENSUSE-SU-2020:1586-1
OPENSUSE-SU-2020:1655-1
OPENSUSE-SU-2020_1586-1
OPENSUSE-SU-2020_1655-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
RHSA-2021:0856
RHSA-2021:0857
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_0856
RHSA-2021_0857
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2020:2879-1
SUSE-SU-2020:2904-1
SUSE-SU-2020:2905-1
SUSE-SU-2020:2906-1
SUSE-SU-2020:2907-1
SUSE-SU-2020:2908-1
SUSE-SU-2020:2999-1
SUSE-SU-2020:3014-1
SUSE-SU-2020:3501-1
SUSE-SU-2020:3503-1
SUSE-SU-2020:3532-1
SUSE-SU-2020:3544-1
USN-4657-1

Produtos afetados

Almalinux
Android Kernel
Centos
Red Hat
Suse
Ubuntu