In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android - |
Except one – a 'your phone is now my phone' bug reported months ago and still not fixed Fancy buying a compact and bijou cardboard box home in a San Francisco alley? This $2.5m Android bounty will get you nearly there
Google this week emitted the September edition of its monthly Android security updates – and has left at least one known vulnerability unpatched. Also, in case you missed it, the web giant started rolling out Android 10 a few days ago. The September 2019 bundle of security fixes will be pushed out automatically to Google-branded devices, while those with other Android gear will be fed the fixes by their device manufacturer or mobile carrier. Some of the holes can be patched remotely by the ad ...