PT-2019-19667 · Google+4 · Android Kernel+4

Published

2019-09-03

·

Updated

2022-04-18

·

CVE-2019-9458

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Android kernel (affected versions not specified)
Description The issue is related to a use after free due to a race condition in the video driver of the Android kernel. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-362CWE-416

Related Identifiers

ALSA-2020:4431
CESA-2020_4060
CESA-2020_4431
CESA-2020_4609
CVE-2019-9458
OPENSUSE-SU-2020:0543-1
OPENSUSE-SU-2020_0543-1
RHSA-2020:2854
RHSA-2020:4060
RHSA-2020:4062
RHSA-2020:4431
RHSA-2020:4609
RHSA-2020_4060
RHSA-2020_4062
RHSA-2020_4431
RHSA-2020_4609
SUSE-SU-2020:1084-1
SUSE-SU-2020:1085-1
SUSE-SU-2020:1087-1
SUSE-SU-2020:1118-1
SUSE-SU-2020:1119-1
SUSE-SU-2020:1123-1
SUSE-SU-2020:1141-1
SUSE-SU-2020:1142-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:1255-1
SUSE-SU-2020:1275-1
SUSE-SU-2020:1663-1
SUSE-SU-2020:2491-1
SUSE-SU-2020:2492-1
SUSE-SU-2020:2497-1
SUSE-SU-2020:2498-1
SUSE-SU-2020:2505-1
SUSE-SU-2020:2506-1
SUSE-SU-2020:2507-1
SUSE-SU-2020:2513-1
SUSE-SU-2020:2526-1
SUSE-SU-2020:2531-1
SUSE-SU-2020_1663-1
SUSE-SU-2020_2531-1

Affected Products

Almalinux
Android Kernel
Centos
Red Hat
Suse