CVE-2020-0041 — Android Kernel Out-of-Bounds Write Vulnerability
2021-11-03 • CISA Known Exploited Vulnerability
[event] Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2215 and CVE-2020-0069 under exploit chain "AbstractEmu."
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Android |
| Product | Android Kernel |
| CWE | CWE-20 |
| CVE ID | CVE-2020-0041 |
| Date Added | 2021-11-03 |
| Due Date | 2022-05-03 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-05-03