Vulnerability Details CVE-2019-2025
In binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-116855682References: Upstream kernel
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References