QwikSec

Security Database

CVE

CWE

Training

CVE-2019-2215

Published: Oct 11, 2019

Modified: Oct 21, 2025

PUBLISHED

Description

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095

Vendor	Product	Versions
n/a	Android	affected `Kernel`

References

https://source.android.com/security/bulletin/2019-10-01

x_refsource_CONFIRM

20191018 CVE 2019-2215 Android Binder Use After Free

mailing-list

x_refsource_FULLDISC

http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html

x_refsource_MISC

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20191031-0005/

x_refsource_CONFIRM

20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update

mailing-list

x_refsource_MLIST

http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html

x_refsource_MISC

[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.