CVE-2023-20928Use After Free in Google Android

CWE-416Use After FreeCWE-667Improper Locking15 documents6 sources
Severity
7.8HIGHNVD
OSV6.6
EPSS
0.1%
top 70.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian LinuxGoogle Android
Timeline
PublishedJan 26
Latest updateMar 3

Description

In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

Debianlinux/linux_kernel< 5.10.158-1+3
Ubuntulinux/linux_kernel< 5.4.0-139.156
debiandebian/linux< linux 5.19.6-1 (bookworm)

🔴Vulnerability Details

8
OSV
linux-bluefield vulnerabilities2023-03-03
OSV
linux-azure-fde vulnerabilities2023-03-02
OSV
linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-oracle-5.4 vulnerabilities2023-02-15
OSV
linux-gke vulnerabilities2023-02-15
OSV
linux, linux-aws, linux-azure, linux-azure-5.4, linux-gkeop, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4 vulnerabilities2023-02-09

📋Vendor Advisories

6
Ubuntu
Linux kernel (BlueField) vulnerabilities2023-03-03
Ubuntu
Linux kernel (Azure CVM) vulnerabilities2023-03-02
Ubuntu
Linux kernel (GKE) vulnerabilities2023-02-15
Ubuntu
Linux kernel vulnerabilities2023-02-15
Android
CVE-2023-20928: Binder driver2023-01-01