CVE-2023-20928

Updated: 2023-11-04 21:09:32.60082

Description:

In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-254837884References: Upstream kernel


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-12-26 13:11:09
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2023-11-04 09:31:07
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2023-11-18 10:08:58
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2023-11-18 10:08:58
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2024-05-08 10:20:01
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2023-12-26 13:11:09
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Not Vulnerable 2023-11-06 02:37:18