1. Home
  2. Vulnerabilities
  3. CVE-2019-2214

CVE-2019-2214

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 7.2 (High)
72% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 2
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

In binder_transaction of binder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-136210786References: Upstream kernel

Weaknesses
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
Android (associated with Google Inc. or Open Handset Alliance)
Published Date
2019-11-13 18:15:12
(4 years ago)
Updated Date
2022-04-18 15:46:19
(2 years ago)

Affected Products

Canonical

Google

Configuration #1

    CPE23 From Up To
  Google Android cpe:2.3:o:google:android:-

Configuration #2

    CPE23 From Up To
  Canonical Ubuntu Linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts
  Canonical Ubuntu Linux 19.04 cpe:2.3:o:canonical:ubuntu_linux:19.04