PT-2019-5695 · Google+5 · Android Kernel+5

Elena Petrova

Published

2019-10-03

Updated

2022-10-25

CVE-2020-0427

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Android kernel versions (affected versions not specified)

Description The issue is related to the create pinctrl function in core.c, which is part of the Android operating system. It involves a use after free error, potentially leading to an out of bounds read. This could result in local information disclosure without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-125

Related Identifiers

ALSA-2021:4356

BDU:2020-05785

CESA-2021_0856

CESA-2021_4140

CESA-2021_4356

CVE-2020-0427

DLA-2494-1

LSN-0074-1

OPENSUSE-SU-2020:1586-1

OPENSUSE-SU-2020:1655-1

OPENSUSE-SU-2020_1586-1

OPENSUSE-SU-2020_1655-1

OPENSUSE-SU-2021:0242-1

OPENSUSE-SU-2021_0242-1

RHSA-2021:0856

RHSA-2021:0857

RHSA-2021:4140

RHSA-2021:4356

RHSA-2021_0856

RHSA-2021_0857

RHSA-2021_4140

RHSA-2021_4356

SUSE-SU-2020:2879-1

SUSE-SU-2020:2904-1

SUSE-SU-2020:2905-1

SUSE-SU-2020:2906-1

SUSE-SU-2020:2907-1

SUSE-SU-2020:2908-1

SUSE-SU-2020:2999-1

SUSE-SU-2020:3014-1

SUSE-SU-2020:3501-1

SUSE-SU-2020:3503-1

SUSE-SU-2020:3532-1

SUSE-SU-2020:3544-1

USN-4657-1

Affected Products

Almalinux

Android Kernel

Centos

Red Hat

Suse

Ubuntu

PT-2019-5695 · Google+5 · Android Kernel+5

CVE-2020-0427

Weakness Enumeration

Related Identifiers

Affected Products

References · 1022