CVE-2019-1999 - In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking

CVE-2019-1999

Summary

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.

References

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 22-04-2022 - 20:42)
Impact:
Exploitability:

CWE

CWE-415

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	106851
bugtraq	20190812 [SECURITY] [DSA 4495-1] linux security update
confirm	https://source.android.com/security/bulletin/2019-02-01
debian	DSA-4495
exploit-db	46357
ubuntu	USN-3979-1

Last major update

22-04-2022 - 20:42

Published

28-02-2019 - 17:29

Last modified

22-04-2022 - 20:42