CVE-2017-0564

HIGH

Android Kernel <3.10, <3.18 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-0564. PoCs published by guoygang.

AI-analyzed exploit summary This repository contains a functional PoC for CVE-2017-0564, an ION memory management vulnerability in Android. The exploit leverages a race condition during memory allocation and deallocation to achieve local privilege escalation (LPE).

Description

An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203.

Exploits (1)

nomisec WORKING POC 7 stars
by guoygang · poc
https://github.com/guoygang/CVE-2017-0564-ION-PoC

This repository contains a functional PoC for CVE-2017-0564, an ION memory management vulnerability in Android. The exploit leverages a race condition during memory allocation and deallocation to achieve local privilege escalation (LPE).

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: Android ION memory management subsystem (affects multiple versions)
No auth needed
Prerequisites: Access to /dev/ion device node · Android device with vulnerable ION implementation
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-04-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97344
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-12-01
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038201

Scores

CVSS v3 7.8
EPSS 0.0425
EPSS Percentile 89.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (3)
linux/linux_kernel 3.10
linux/linux_kernel 3.18
n/a/Android Kernel-3.10 Kernel-3.18 Android Kernel-3.10 Kernel-3.18
Published Apr 07, 2017
Tracked Since Feb 18, 2026