CVE-2019-9458 - In the Android kernel in the video driver there is a use after free due to a race condition. This co

CVE-2019-9458

Summary

In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

CVSS

Base:	4.4 (as of 18-04-2022 - 16:13)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:P/A:P

redhat via4

rpms

kernel-0:4.14.0-115.26.1.el7a
kernel-abi-whitelists-0:4.14.0-115.26.1.el7a
kernel-bootwrapper-0:4.14.0-115.26.1.el7a
kernel-debug-0:4.14.0-115.26.1.el7a
kernel-debug-debuginfo-0:4.14.0-115.26.1.el7a
kernel-debug-devel-0:4.14.0-115.26.1.el7a
kernel-debuginfo-0:4.14.0-115.26.1.el7a
kernel-debuginfo-common-aarch64-0:4.14.0-115.26.1.el7a
kernel-debuginfo-common-ppc64le-0:4.14.0-115.26.1.el7a
kernel-debuginfo-common-s390x-0:4.14.0-115.26.1.el7a
kernel-devel-0:4.14.0-115.26.1.el7a
kernel-doc-0:4.14.0-115.26.1.el7a
kernel-headers-0:4.14.0-115.26.1.el7a
kernel-kdump-0:4.14.0-115.26.1.el7a
kernel-kdump-debuginfo-0:4.14.0-115.26.1.el7a
kernel-kdump-devel-0:4.14.0-115.26.1.el7a
kernel-tools-0:4.14.0-115.26.1.el7a
kernel-tools-debuginfo-0:4.14.0-115.26.1.el7a
kernel-tools-libs-0:4.14.0-115.26.1.el7a
kernel-tools-libs-devel-0:4.14.0-115.26.1.el7a
perf-0:4.14.0-115.26.1.el7a
perf-debuginfo-0:4.14.0-115.26.1.el7a
python-perf-0:4.14.0-115.26.1.el7a
python-perf-debuginfo-0:4.14.0-115.26.1.el7a
bpftool-0:3.10.0-1160.el7
bpftool-debuginfo-0:3.10.0-1160.el7
kernel-0:3.10.0-1160.el7
kernel-abi-whitelists-0:3.10.0-1160.el7
kernel-bootwrapper-0:3.10.0-1160.el7
kernel-debug-0:3.10.0-1160.el7
kernel-debug-debuginfo-0:3.10.0-1160.el7
kernel-debug-devel-0:3.10.0-1160.el7
kernel-debuginfo-0:3.10.0-1160.el7
kernel-debuginfo-common-ppc64-0:3.10.0-1160.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-1160.el7
kernel-debuginfo-common-s390x-0:3.10.0-1160.el7
kernel-debuginfo-common-x86_64-0:3.10.0-1160.el7
kernel-devel-0:3.10.0-1160.el7
kernel-doc-0:3.10.0-1160.el7
kernel-headers-0:3.10.0-1160.el7
kernel-kdump-0:3.10.0-1160.el7
kernel-kdump-debuginfo-0:3.10.0-1160.el7
kernel-kdump-devel-0:3.10.0-1160.el7
kernel-tools-0:3.10.0-1160.el7
kernel-tools-debuginfo-0:3.10.0-1160.el7
kernel-tools-libs-0:3.10.0-1160.el7
kernel-tools-libs-devel-0:3.10.0-1160.el7
perf-0:3.10.0-1160.el7
perf-debuginfo-0:3.10.0-1160.el7
python-perf-0:3.10.0-1160.el7
python-perf-debuginfo-0:3.10.0-1160.el7
kernel-rt-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debug-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debug-debuginfo-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debug-devel-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debug-kvm-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debuginfo-0:3.10.0-1160.rt56.1131.el7
kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.rt56.1131.el7
kernel-rt-devel-0:3.10.0-1160.rt56.1131.el7
kernel-rt-doc-0:3.10.0-1160.rt56.1131.el7
kernel-rt-kvm-0:3.10.0-1160.rt56.1131.el7
kernel-rt-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
kernel-rt-trace-0:3.10.0-1160.rt56.1131.el7
kernel-rt-trace-debuginfo-0:3.10.0-1160.rt56.1131.el7
kernel-rt-trace-devel-0:3.10.0-1160.rt56.1131.el7
kernel-rt-trace-kvm-0:3.10.0-1160.rt56.1131.el7
kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.rt56.1131.el7
bpftool-0:4.18.0-240.el8
bpftool-debuginfo-0:4.18.0-240.el8
kernel-0:4.18.0-240.el8
kernel-abi-whitelists-0:4.18.0-240.el8
kernel-core-0:4.18.0-240.el8
kernel-cross-headers-0:4.18.0-240.el8
kernel-debug-0:4.18.0-240.el8
kernel-debug-core-0:4.18.0-240.el8
kernel-debug-debuginfo-0:4.18.0-240.el8
kernel-debug-devel-0:4.18.0-240.el8
kernel-debug-modules-0:4.18.0-240.el8
kernel-debug-modules-extra-0:4.18.0-240.el8
kernel-debuginfo-0:4.18.0-240.el8
kernel-debuginfo-common-aarch64-0:4.18.0-240.el8
kernel-debuginfo-common-ppc64le-0:4.18.0-240.el8
kernel-debuginfo-common-s390x-0:4.18.0-240.el8
kernel-debuginfo-common-x86_64-0:4.18.0-240.el8
kernel-devel-0:4.18.0-240.el8
kernel-doc-0:4.18.0-240.el8
kernel-headers-0:4.18.0-240.el8
kernel-modules-0:4.18.0-240.el8
kernel-modules-extra-0:4.18.0-240.el8
kernel-tools-0:4.18.0-240.el8
kernel-tools-debuginfo-0:4.18.0-240.el8
kernel-tools-libs-0:4.18.0-240.el8
kernel-tools-libs-devel-0:4.18.0-240.el8
kernel-zfcpdump-0:4.18.0-240.el8
kernel-zfcpdump-core-0:4.18.0-240.el8
kernel-zfcpdump-debuginfo-0:4.18.0-240.el8
kernel-zfcpdump-devel-0:4.18.0-240.el8
kernel-zfcpdump-modules-0:4.18.0-240.el8
kernel-zfcpdump-modules-extra-0:4.18.0-240.el8
perf-0:4.18.0-240.el8
perf-debuginfo-0:4.18.0-240.el8
python3-perf-0:4.18.0-240.el8
python3-perf-debuginfo-0:4.18.0-240.el8
kernel-rt-0:4.18.0-240.rt7.54.el8
kernel-rt-core-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8
kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8
kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8
kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8
kernel-rt-devel-0:4.18.0-240.rt7.54.el8
kernel-rt-kvm-0:4.18.0-240.rt7.54.el8
kernel-rt-modules-0:4.18.0-240.rt7.54.el8
kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8

refmap via4

misc	https://source.android.com/security/bulletin/pixel/2019-09-01
suse	openSUSE-SU-2020:0543

Last major update

18-04-2022 - 16:13

Published

06-09-2019 - 22:15

Last modified

18-04-2022 - 16:13