CVE-2019-2215 — Android Kernel Use-After-Free Vulnerability
2021-11-03 • CISA Known Exploited Vulnerability
[event] Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain "AbstractEmu."
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Android |
| Product | Android Kernel |
| CWE | CWE-416 |
| CVE ID | CVE-2019-2215 |
| Date Added | 2021-11-03 |
| Due Date | 2022-05-03 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-05-03