Published: 08/01/2020 Updated: 14/10/2022

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android -
debian debian linux 8.0

Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN ...

CWE-276 http://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html https://source.android.com/security/bulletin/2020-01-01 https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html https://nvd.nist.gov https://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-0009

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect