CVE-2019-2215
published 2019-10-11CVE-2019-2215: A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITWEXPLOIT
CISA Known Exploited Vulnerabilitydue 2022-05-03
Exploited in the wild
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Affected
71 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 4.15.4-1 (bookworm) | linux 4.15.4-1 (bookworm) |
| android | — | — | |
| huawei | alp-al00b_firmware | < 10.0.0.162\(c00e156r2p4\) | 10.0.0.162\(c00e156r2p4\) |
| huawei | alp-tl00b_firmware | < 10.0.0.162\(c01e156r1p4\) | 10.0.0.162\(c01e156r1p4\) |
| huawei | anne-al00_firmware | < 9.1.0.126\(c00e126r1p7t8\) | 9.1.0.126\(c00e126r1p7t8\) |
| huawei | ares-al00b_firmware | < 9.1.0.165\(c00e165r2p5t8\) | 9.1.0.165\(c00e165r2p5t8\) |
| huawei | ares-al10d_firmware | < 9.1.0.165\(c00e165r2p5t8\) | 9.1.0.165\(c00e165r2p5t8\) |
| huawei | ares-tl00chw_firmware | < 8.2.0.163\(c01r2p1\) | 8.2.0.163\(c01r2p1\) |
| huawei | barca-al00_firmware | < 8.0.0.377\(c00\) | 8.0.0.377\(c00\) |
| huawei | berkeley-l09_firmware | < 9.1.0.351\(c432e5r1p13t8\) | 9.1.0.351\(c432e5r1p13t8\) |
| huawei | berkeley-tl10_firmware | < 9.1.0.333\(c01e333r1p1t8\) | 9.1.0.333\(c01e333r1p1t8\) |
| huawei | bla-al00b_firmware | < 10.0.0.170\(c786e170r2p4\) | 10.0.0.170\(c786e170r2p4\) |
| huawei | bla-l29c_firmware | < 9.1.0.300\(c432e4r1p11t8\) | 9.1.0.300\(c432e4r1p11t8\) |
| huawei | bla-tl00b_firmware | < 10.0.0.170\(c01e170r1p4\) | 10.0.0.170\(c01e170r1p4\) |
| huawei | columbia-al00a_firmware | < 8.1.0.186\(c00gt\) | 8.1.0.186\(c00gt\) |
| huawei | columbia-l29d_firmware | < 9.1.0.325\(c432e4r1p12t8\) | 9.1.0.325\(c432e4r1p12t8\) |
| huawei | cornell-tl10b_firmware | < 9.1.0.321\(c01e320r1p1t8\) | 9.1.0.321\(c01e320r1p1t8\) |
| huawei | duke-l09i_firmware | < 9.0.1.171\(c675e6r1p5t8\) | 9.0.1.171\(c675e6r1p5t8\) |
| huawei | dura-al00a_firmware | < 1.0.0.190\(c00\) | 1.0.0.190\(c00\) |
| huawei | figo-al00a_firmware | < 9.1.0.130\(c00e115r2p8t8\) | 9.1.0.130\(c00e115r2p8t8\) |
| huawei | florida-al20b_firmware | < 9.1.0.128\(c00e112r1p6t8\) | 9.1.0.128\(c00e112r1p6t8\) |
| huawei | florida-l03_firmware | < 9.1.0.154\(c605e7r1p2t8\) | 9.1.0.154\(c605e7r1p2t8\) |
| huawei | florida-l21_firmware | < 9.1.0.154\(c605e7r1p2t8\) | 9.1.0.154\(c605e7r1p2t8\) |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH
vulncheck7.8HIGH
cisa7.8HIGH