Updated: 2023-12-06
CWE: Improper Privilege Management
Description:
In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| Ubuntu 19.04 | 5.0.0-38.41 | USN-4226-1 |
| Ubuntu 18.04 Azure | 5.0.0-1028.30~18.04.1 | USN-4226-1 |
| OS | Original kernel version | State |
|---|---|---|
| Ubuntu 18.04 GCP | |
Ready For Release |
| Ubuntu 19.04 | |
Ready For Release |
| Ubuntu 18.04 Azure | |
Ready For Release |
| Debian 9 backports | |
Ready For Release |