Exploitation Summary
EIP tracks 1 public exploit for CVE-2017-0564. PoCs published by guoygang.
AI-analyzed exploit summary This repository contains a functional PoC for CVE-2017-0564, an ION memory management vulnerability in Android. The exploit leverages a race condition during memory allocation and deallocation to achieve local privilege escalation (LPE).
Description
An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34276203.
Exploits (1)
This repository contains a functional PoC for CVE-2017-0564, an ION memory management vulnerability in Android. The exploit leverages a race condition during memory allocation and deallocation to achieve local privilege escalation (LPE).
References (4)
Scores
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H