CVE-2018-9465 - In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after fr

CVE-2018-9465

Summary

In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel.

References

http://www.securitytracker.com/id/1041432
https://source.android.com/security/bulletin/2018-08-01

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 12-12-2018 - 14:31)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm	https://source.android.com/security/bulletin/2018-08-01
sectrack	1041432

Last major update

12-12-2018 - 14:31

Published

06-11-2018 - 17:29

Last modified

12-12-2018 - 14:31