PT-2019-19674 · Google · Android Kernel

Published

2019-11-13

Updated

2021-07-21

CVE-2019-9467

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a possible kernel command injection in the Bootloader due to missing command sanitization. This could lead to a local elevation of privilege, with System execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android kernel, consider applying a patch or fix that addresses the missing command sanitization issue in the Bootloader to prevent kernel command injection.

Fix

RCE

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-77

Related Identifiers

CVE-2019-9467

Affected Products

Android Kernel

PT-2019-19674 · Google · Android Kernel

CVE-2019-9467

Weakness Enumeration

Related Identifiers

Affected Products

References · 2