{"id":"CVE-2019-2215","details":"A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095","modified":"2026-03-15T22:28:13.909982Z","published":"2019-10-11T19:15:10.947Z","references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2019/Oct/38"},{"type":"ADVISORY","url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20191031-0005/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4186-1/"},{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2019-10-01"},{"type":"FIX","url":"http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"},{"type":"FIX","url":"https://seclists.org/bugtraq/2019/Nov/11"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-2215.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.162\\(c00e156r2p4\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.162\\(c01e156r1p4\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.126\\(c00e126r1p7t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.165\\(c00e165r2p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.165\\(c00e165r2p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"8.2.0.163\\(c01r2p1\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.170\\(c786e170r2p4\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.300\\(c432e4r1p11t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.170\\(c01e170r1p4\\)"}]},{"events":[{"introduced":"0"},{"fixed":"8.0.0.377\\(c00\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.351\\(c432e5r1p13t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.333\\(c01e333r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"8.1.0.186\\(c00gt\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.325\\(c432e4r1p12t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.321\\(c01e320r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.0.1.171\\(c675e6r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"1.0.0.190\\(c00\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c00e115r2p8t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.128\\(c00e112r1p6t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.154\\(c605e7r1p2t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.154\\(c605e7r1p2t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.150\\(c636e6r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.128\\(c01e112r1p6t8\\)"}]},{"events":[{"introduced":"0"},{"last_affected":"9.1.0.321(c786e320r1p1t8)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.312\\(c00e312r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.200\\(c605e4r1p3t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.200\\(c635e5r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.246\\(c432e6r1p7t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.297\\(c605e4r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.210\\(c01e110r1p9t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.351\\(c00e351r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.200\\(c636e4r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.200\\(c636e4r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.201\\(c636e4r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.201\\(c636e4r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.201\\(zafc185e4r1p8t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.201\\(zafc185e4r1p8t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.1.0.214\\(c10e5r4p3\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.260\\(c00e120r2p2\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.219\\(c01e18r3p2t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c00e112r2p10t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.156\\(c185e5r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.153\\(c675e6r1p4t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c01e112r2p10t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c01e112r2p10t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c00e112r2p10t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.156\\(c636e5r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.321\\(c786e320r1p1t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.1.0.160\\(c00e160r2p11\\)"}]},{"events":[{"introduced":"0"},{"fixed":"8.0.0.376\\(c00\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.211\\(c635e2r1p4t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.210\\(c432e2r1p5t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.212\\(c00e62r1p7t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.212\\(c01e62r1p7t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.212\\(c00e62r1p7t8\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.175\\(c00e59r2p11\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.0.0.175\\(c01e59r2p11\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.1.0.160\\(c00e160r8p12\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.1.0.231\\(c10e3r3p2\\)"}]},{"events":[{"introduced":"0"},{"fixed":"10.1.0.160\\(c01e160r8p12\\)"}]},{"events":[{"introduced":"0"},{"fixed":"9.1.0.130\\(c00e112r2p10t8\\)"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}