CVE-2019-2215
HIGHCVSS 7.8/10Actively ExploitedEPSS 72.10%
Last modified
CVE-2019-2215 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095. CISA has confirmed active exploitation in the wild. EPSS estimates a 72.10% chance of exploitation in the next 30 days.
Description
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitation Status
This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by .
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Android | All versions | |
| Debian | Debian Linux | 8.0 |
| Canonical | Ubuntu Linux | 16.04 |
| Netapp | Cloud Backup | All versions |
| Netapp | Data Availability Services | All versions |
| Netapp | Hci Management Node | All versions |
| Netapp | Service Processor | All versions |
| Netapp | Solidfire | All versions |
| Netapp | Steelstore Cloud Integrated Storage | All versions |
| Netapp | Solidfire Baseboard Management Controller Firmware | All versions |
| Netapp | Aff Baseboard Management Controller Firmware | All versions |
| Netapp | A320 Firmware | All versions |
| Netapp | C190 Firmware | All versions |
| Netapp | A220 Firmware | All versions |
| Netapp | Fas2720 Firmware | All versions |
| Netapp | Fas2750 Firmware | All versions |
| Netapp | A800 Firmware | All versions |
| Netapp | H300s Firmware | All versions |
| Netapp | H500s Firmware | All versions |
| Netapp | H700s Firmware | All versions |
| Netapp | H410s Firmware | All versions |
| Netapp | H410c Firmware | All versions |
| Netapp | H610s Firmware | All versions |
| Huawei | Alp-Al00b Firmware | < 10.0.0.162\(c00e156r2p4\) |
| Huawei | Alp-Tl00b Firmware | < 10.0.0.162\(c01e156r1p4\) |
| Huawei | Anne-Al00 Firmware | < 9.1.0.126\(c00e126r1p7t8\) |
| Huawei | Ares-Al00b Firmware | < 9.1.0.165\(c00e165r2p5t8\) |
| Huawei | Ares-Al10d Firmware | < 9.1.0.165\(c00e165r2p5t8\) |
| Huawei | Ares-Tl00chw Firmware | < 8.2.0.163\(c01r2p1\) |
| Huawei | Bla-Al00b Firmware | < 10.0.0.170\(c786e170r2p4\) |
| Huawei | Bla-L29c Firmware | < 9.1.0.300\(c432e4r1p11t8\) |
| Huawei | Bla-Tl00b Firmware | < 10.0.0.170\(c01e170r1p4\) |
| Huawei | Barca-Al00 Firmware | < 8.0.0.377\(c00\) |
| Huawei | Berkeley-L09 Firmware | < 9.1.0.351\(c432e5r1p13t8\) |
| Huawei | Berkeley-Tl10 Firmware | < 9.1.0.333\(c01e333r1p1t8\) |
| Huawei | Columbia-Al00a Firmware | < 8.1.0.186\(c00gt\) |
| Huawei | Columbia-L29d Firmware | < 9.1.0.325\(c432e4r1p12t8\) |
| Huawei | Cornell-Tl10b Firmware | < 9.1.0.321\(c01e320r1p1t8\) |
| Huawei | Duke-L09i Firmware | < 9.0.1.171\(c675e6r1p5t8\) |
| Huawei | Dura-Al00a Firmware | < 1.0.0.190\(c00\) |
| Huawei | Figo-Al00a Firmware | < 9.1.0.130\(c00e115r2p8t8\) |
| Huawei | Florida-Al20b Firmware | < 9.1.0.128\(c00e112r1p6t8\) |
| Huawei | Florida-L03 Firmware | < 9.1.0.154\(c605e7r1p2t8\) |
| Huawei | Florida-L21 Firmware | < 9.1.0.154\(c605e7r1p2t8\) |
| Huawei | Florida-L22 Firmware | < 9.1.0.150\(c636e6r1p5t8\) |
| Huawei | Florida-Tl10b Firmware | < 9.1.0.128\(c01e112r1p6t8\) |
| Huawei | Mate Rs Firmware | 9.1.0.321\(c786e320r1p1t8\) |
| Huawei | P20 Firmware | < 9.1.0.312\(c00e312r1p1t8\) |
| Huawei | P20 Lite Firmware | < 9.1.0.200\(c605e4r1p3t8\) |
| Huawei | P20 Lite Firmware | < 9.1.0.200\(c635e5r1p1t8\) |
Showing 50 of 84 affected configurations. See NVD for the full list.
References
- http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlPatch, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2019/Oct/38Mailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
- https://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
- https://source.android.com/security/bulletin/2019-10-01Vendor Advisory
- https://usn.ubuntu.com/4186-1/Third Party Advisory
- http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlPatch, Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2019/Oct/38Mailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
- https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
- https://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
- https://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
- https://source.android.com/security/bulletin/2019-10-01Vendor Advisory
- https://usn.ubuntu.com/4186-1/Third Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215US Government Resource
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2019-2215?
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
How severe is CVE-2019-2215?
CVE-2019-2215 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 72.10% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.
How do I fix CVE-2019-2215?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2019-2215?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST