Published: 11/10/2019 Updated: 18/10/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Google Android could allow a local authenticated malicious user to gain elevated privileges on the system, caused by a use-after-free in the binder driver at /drivers/android/binder.c. By executing a specially-crafted application, an attacker could exploit this vulnerability to gain elevated privileges.

Vulnerability Trend

Affected Products

Vendor Product Versions

Vendor Advisories

Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
There is a use-after-free vulnerability in binderc of Android kernel Successful exploitation may cause the attacker elevate the privilege (Vulnerability ID: HWPSIRT-2019-10100) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-2215   Huawei has released software updates to fix this vulnerability Th ...


The following issue exists in the android-msm-wahoo-44-pie branch of androidgooglesourcecom/kernel/msm (and possibly others): There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binderc As described in the upstream commit: “binder_poll() passes the thread->wait wait ...

Mailing Lists

These are notes on further exploitation of the Android Binder use-after-free vulnerability as noted in CVE-2019-2215 and leveraged against Kernel 34x and 318x on Samsung Devices using Samsung Android and LineageOS ...
Hi list, Some of my notes on exploitation of CVE 2019-2215 Android Binder Use After Free on Kernel 34x and 318x on Samsung Devices using Samsung Android and LineageOS: githubcom/marcinguy/CVE-2019-2215/ Feel free to update/post if you have managed to get it working on different devices/kernels Thanks, ____________________________ ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Slackware 142 kernel (SSA:2019-311-01) New kernel packages are available for Slackware 142 to fix security issues Here are the details from the Slackware 142 ChangeLog: +--------------------------+ patches/packages/linux-44199/*: Upgraded These updates fix various bug ...

Recent Articles

Here we go again: Software nasties slip into Google Play, exploit make-me-root Android flaw for maximum pwnage
The Register • Shaun Nichols in San Francisco • 07 Jan 2020

Apps spotted abusing use-after-free() bug seven months before patch

At least three malicious apps with device-hijacking exploits have made it onto the Google Play Store in recent weeks.
This is according to eggheads at Trend Micro, who found that the since-removed applications were all abusing a use-after-free() flaw in the operating system to elevate their privileges, and pull down and run further malware from a command-and-control server. The malicious apps were Camero, FileCrypt, and callCam, so check if you still have them installed.
"The three m...

T-Mobile US hacked, Monero wallet app infected, public info records on 1.2bn people leak from database...
The Register • Shaun Nichols in San Francisco • 23 Nov 2019

...OnePlus also compromised, and much more

Roundup Time for another roundup of all the security news that's fit to print and that we haven't covered yet.
T-Mobile US prepaid account holders got some unwelcome news this week when their wireless carrier admitted on Friday it was compromised by miscreants who would have been able to ogle customers' personal information.
Exposed details include name, billing address, account number, and mobile plan types. T-Mobile notes that, at least, no bank card info was exposed.
"Our cy...

Google October Android Security Update Fixes Critical RCE Flaws
Threatpost • Lindsey O'Donnell • 08 Oct 2019

Google has released fixes for three critical-severity vulnerabilities in the Media framework of its Android operating system, which if exploited could allow a remote attacker to execute code.
The remote code execution (RCE) flaws are part of Google’s October 2019 Android Security Bulletin, which deployed fixes for high and critical-severity vulnerabilities tied to nine CVEs overall. Qualcomm, whose chips are used in Android devices, also patched 18 high and critical-severity...

Google Warns of Android Zero-Day Bug Under Active Attack
Threatpost • Tom Spring • 04 Oct 2019

Google is warning of an Android zero-day flaw actively being exploited in the wild, which gives an attacker full control over 18 phone models including its flagship Pixel handset and devices made by Samsung, Huawei and Xiaomi.
Google’s Project Zero warned late Thursday that it suspected the vulnerability was being exploited by the controversial Israeli-based NSO Group Technologies or one of its customers. The NSO Group has been criticized for selling zero-day exploits to “authorized go...

Actively Exploited Android Zero-Day Impacts Google, Samsung Devices
BleepingComputer • Sergiu Gatlan • 04 Oct 2019

Google's Threat Analysis Group (TAG) says that a new Android zero-day is actively being exploited in the wild in attacks targeting vulnerable Google Pixel, Huawei, Xiaomi, Samsung, Oppo, and Moto smartphones.
This zero-day is a kernel local privilege escalation (LPE) bug using a use-after-free vulnerability in the Android binder driver that can be exploited by potential attackers to get full-control of unpatched devices.
"If the exploit is delivered via the web, it only needs to be ...