Exploited
high
7.8
CWE
416
Advisory Published
CVE Published
Updated

CVE-2019-2215: Android Kernel Use-After-Free Vulnerability

First published: Mon Oct 07 2019(Updated: )

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095

Credit: security@android.com security@android.com security@android.com

Affected SoftwareAffected VersionHow to fix
Google Android
Debian Debian Linux=8.0
Canonical Ubuntu Linux=16.04
Netapp Cloud Backup
Netapp Data Availability Services
Netapp Hci Management Node
NetApp Service Processor
Netapp Solidfire
Netapp Steelstore Cloud Integrated Storage
All of
Netapp Solidfire Baseboard Management Controller Firmware
Netapp Solidfire Baseboard Management Controller
All of
Netapp Aff Baseboard Management Controller Firmware
Netapp Aff Baseboard Management Controller=a700s
All of
Netapp A320 Firmware
Netapp A320
All of
Netapp C190 Firmware
Netapp C190
All of
Netapp A220 Firmware
Netapp A220
All of
Netapp Fas2720 Firmware
Netapp Fas2720
All of
Netapp Fas2750 Firmware
Netapp Fas2750
All of
Netapp A800 Firmware
Netapp A800
All of
Netapp H300s Firmware
Netapp H300s
All of
Netapp H500s Firmware
Netapp H500s
All of
Netapp H700s Firmware
Netapp H700s
All of
Netapp H410s Firmware
Netapp H410s
All of
Netapp H410c Firmware
Netapp H410c
All of
Netapp H610s Firmware
Netapp H610s
All of
Huawei Alp-al00b Firmware<10.0.0.162\(c00e156r2p4\)
Huawei ALP-AL00B
All of
Huawei Alp-tl00b Firmware<10.0.0.162\(c01e156r1p4\)
Huawei Alp-tl00b
All of
Huawei Anne-al00 Firmware<9.1.0.126\(c00e126r1p7t8\)
Huawei Anne-al00
All of
Huawei Ares-al00b Firmware<9.1.0.165\(c00e165r2p5t8\)
Huawei Ares-al00b
All of
Huawei Ares-al10d Firmware<9.1.0.165\(c00e165r2p5t8\)
Huawei Ares-al10d
All of
Huawei Ares-tl00chw Firmware<8.2.0.163\(c01r2p1\)
Huawei Ares-tl00chw
All of
Huawei Bla-al00b Firmware<10.0.0.170\(c786e170r2p4\)
Huawei Bla-al00b
All of
Huawei Bla-l29c Firmware<9.1.0.300\(c432e4r1p11t8\)
Huawei Bla-l29c
All of
Huawei Bla-tl00b Firmware<10.0.0.170\(c01e170r1p4\)
Huawei Bla-tl00b
All of
Huawei Barca-al00 Firmware<8.0.0.377\(c00\)
Huawei Barca-al00
All of
Huawei Berkeley-l09 Firmware<9.1.0.351\(c432e5r1p13t8\)
Huawei Berkeley-l09
All of
Huawei Berkeley-tl10 Firmware<9.1.0.333\(c01e333r1p1t8\)
Huawei Berkeley-tl10
All of
Huawei Columbia-al00a Firmware<8.1.0.186\(c00gt\)
Huawei Columbia-al00a
All of
Huawei Columbia-l29d Firmware<9.1.0.325\(c432e4r1p12t8\)
Huawei Columbia-l29d
All of
Huawei Cornell-tl10b Firmware<9.1.0.321\(c01e320r1p1t8\)
Huawei Cornell-tl10b
All of
Huawei Duke-l09i Firmware<9.0.1.171\(c675e6r1p5t8\)
Huawei Duke-l09i
All of
Huawei Dura-al00a Firmware<1.0.0.190\(c00\)
Huawei Dura-al00a
All of
Huawei Figo-al00a Firmware<9.1.0.130\(c00e115r2p8t8\)
Huawei Figo-al00a
All of
Huawei Florida-al20b Firmware<9.1.0.128\(c00e112r1p6t8\)
Huawei Florida-al20b
All of
Huawei Florida-l03 Firmware<9.1.0.154\(c605e7r1p2t8\)
Huawei Florida-l03
All of
Huawei Florida-l21 Firmware<9.1.0.154\(c605e7r1p2t8\)
Huawei Florida-l21
All of
Huawei Florida-l22 Firmware<9.1.0.150\(c636e6r1p5t8\)
Huawei Florida-l22
All of
Huawei Florida-tl10b Firmware<9.1.0.128\(c01e112r1p6t8\)
Huawei Florida-tl10b
All of
Huawei Mate Rs Firmware=9.1.0.321\(c786e320r1p1t8\)
Huawei Mate RS
All of
Huawei P20 Firmware<9.1.0.312\(c00e312r1p1t8\)
HUAWEI P20
All of
Huawei P20 Lite Firmware<9.1.0.200\(c605e4r1p3t8\)
Huawei P20 Lite
All of
Huawei P20 Lite Firmware<9.1.0.200\(c635e5r1p1t8\)
Huawei P20 Lite
All of
Huawei P20 Lite Firmware<9.1.0.246\(c432e6r1p7t8\)
Huawei P20 Lite
All of
Huawei Y9 2019 Firmware<9.1.0.297\(c605e4r1p1t8\)
HUAWEI Y9 2019
All of
Huawei Nova 2s Firmware<9.1.0.210\(c01e110r1p9t8\)
Huawei Nova 2s
All of
Huawei Nova 3 Firmware<9.1.0.351\(c00e351r1p1t8\)
Huawei Nova 3
All of
Huawei Nova 3e Firmware<9.1.0.200\(c636e4r1p5t8\)
Huawei Nova 3e
All of
Huawei P20 Lite Firmware<9.1.0.200\(c636e4r1p5t8\)
Huawei P20 Lite
All of
Huawei P20 Lite Firmware<9.1.0.201\(c636e4r1p5t8\)
Huawei P20 Lite
All of
Huawei Nova 3e Firmware<9.1.0.201\(c636e4r1p5t8\)
Huawei Nova 3e
All of
Huawei Nova 3e Firmware<9.1.0.201\(zafc185e4r1p8t8\)
Huawei Nova 3e
All of
Huawei P20 Lite Firmware<9.1.0.201\(zafc185e4r1p8t8\)
Huawei P20 Lite
All of
Huawei Honor View 20 Firmware<10.1.0.214\(c10e5r4p3\)
Huawei Honor View 20
All of
Huawei Jakarta-al00a Firmware<9.1.0.260\(c00e120r2p2\)
Huawei Jakarta-al00a
All of
Huawei Johnson-tl00d Firmware<9.1.0.219\(c01e18r3p2t8\)
Huawei Johnson-tl00d
All of
Huawei Leland-al10b Firmware<9.1.0.130\(c00e112r2p10t8\)
Huawei Leland-al10b
All of
Huawei Leland-l21a Firmware<9.1.0.156\(c185e5r1p5t8\)
Huawei Leland-l21a
All of
Huawei Leland-l32a Firmware<9.1.0.153\(c675e6r1p4t8\)
Huawei Leland-l32a
All of
Huawei Leland-tl10b Firmware<9.1.0.130\(c01e112r2p10t8\)
Huawei Leland-tl10b
All of
Huawei Leland-tl10c Firmware<9.1.0.130\(c01e112r2p10t8\)
Huawei Leland-tl10c
All of
Huawei Lelandp-al00c Firmware<9.1.0.130\(c00e112r2p10t8\)
Huawei Lelandp-al00c
All of
Huawei Lelandp-l22c Firmware<9.1.0.156\(c636e5r1p5t8\)
Huawei Lelandp-l22c
All of
Huawei Neo-al00d Firmware<9.1.0.321\(c786e320r1p1t8\)
Huawei Neo-al00d
All of
Huawei Princeton-al10b Firmware<10.1.0.160\(c00e160r2p11\)
Huawei Princeton-al10b
All of
Huawei Rhone-al00 Firmware<8.0.0.376\(c00\)
Huawei Rhone-al00
All of
Huawei Stanford-l09 Firmware<9.1.0.211\(c635e2r1p4t8\)
Huawei Stanford-l09
All of
Huawei Stanford-l09s Firmware<9.1.0.210\(c432e2r1p5t8\)
Huawei Stanford-l09s
All of
Huawei Sydney-al00 Firmware<9.1.0.212\(c00e62r1p7t8\)
Huawei Sydney-al00
All of
Huawei Sydney-tl00 Firmware<9.1.0.212\(c01e62r1p7t8\)
Huawei Sydney-tl00
All of
Huawei Sydneym-al00 Firmware<9.1.0.212\(c00e62r1p7t8\)
Huawei Sydneym-al00
All of
Huawei Tony-al00b Firmware<10.0.0.175\(c00e59r2p11\)
Huawei Tony-al00b
All of
Huawei Tony-tl00b Firmware<10.0.0.175\(c01e59r2p11\)
Huawei Tony-tl00b
All of
Huawei Yale-al00a Firmware<10.1.0.160\(c00e160r8p12\)
Huawei Yale-al00a
All of
Huawei Yale-l21a Firmware<10.1.0.231\(c10e3r3p2\)
Huawei Yale-l21a
All of
Huawei Yale-tl00b Firmware<10.1.0.160\(c01e160r8p12\)
Huawei Yale-tl00b
All of
Huawei Honor 9i Firmware<9.1.0.130\(c00e112r2p10t8\)
Huawei Honor 9i
Google Android
Android Android Kernel
debian/linux
5.10.223-1
5.10.226-1
6.1.115-1
6.1.112-1
6.11.5-1
6.11.7-1

Remedy

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

Remedy

https://seclists.org/bugtraq/2019/Nov/11

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2019-2215?

    CVE-2019-2215 is a use-after-free vulnerability in the Android Kernel.

  • How does CVE-2019-2215 affect Android Kernel?

    CVE-2019-2215 allows an elevation of privilege from an application to the Linux Kernel.

  • What is the severity of CVE-2019-2215?

    CVE-2019-2215 has a severity rating of high.

  • How can CVE-2019-2215 be exploited?

    Exploiting CVE-2019-2215 requires either the installation of a malicious local application or a separate vulnerability in a network fa…

  • Are there any references for CVE-2019-2215?

    References for CVE-2019-2215 can be found at the following links: [Link 1](https://source.android.com/security/bulletin/2019-10-01), [Link 2](http://seclists.org/fulldisclosure/2019/Oct/38), [Link 3](http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203