Bug 1164867 - (CVE-2019-2215) VUL-0: CVE-2019-2215: kernel-source: Use-after-free in binder.c
(CVE-2019-2215)
VUL-0: CVE-2019-2215: kernel-source: Use-after-free in binder.c
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: E-mail List
Security Team bot
https://smash.suse.de/issue/244804/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-02-25 15:22 UTC by Alexandros Toptsoglou
Modified: 2020-02-26 13:24 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2020-02-25 15:22:42 UTC
CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095

Upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/android/binder.c?h=linux-4.14.y&id=7a3cee43e935b9d526ad07f20bf005ba7e74d05b

References:

https://seclists.org/fulldisclosure/2019/Oct/38
https://github.com/marcinguy/CVE-2019-2215/
https://bugs.chromium.org/p/project-zero/issues/detail?id=1942

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1805822
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-2215
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-2215.html
http://www.cvedetails.com/cve/CVE-2019-2215/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215
https://source.android.com/security/bulletin/2019-10-01
Comment 1 Michal Hocko 2020-02-26 09:51:14 UTC
I do not see us enabling ANDROID_BINDER_IPC anywhere. So this doesn't seem to be applicable.
Comment 2 Marcus Meissner 2020-02-26 13:24:52 UTC
does not affect SUSE products.