Published: 14/10/2020 Updated: 28/04/2022

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 642

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android -
debian debian linux 9.0

In binder_release_work of binderc, there is a possible use-after-free due to improper locking This could lead to local escalation of privilege in the kernel with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android kernelAndroid ID: A-161151868References: N/A (<a href=http ...

CWE-416 CWE-667 https://source.android.com/security/bulletin/2020-10-01 https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2020-1556.html

CVE-2020-0423

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect