CVE-2019-2215
HIGH7.8⚠ KEVEPSS 51.5%Android Kernel Use-After-Free Vulnerability
Published: 10/11/2019Modified: 4/28/2026Added to CISA KEV: 11/3/2021
Also known as:DEBIAN-CVE-2019-2215
Description
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Affected packages (1)
- Debian/linuxfrom 0, < 4.15.4-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |