CVE-2019-1999

HIGH

Google Android - Double Free

Title source: rule

Description

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/46357

View Code ZIP pw:eip

References (6)

[Broken Link] http://www.securityfocus.com/bid/106851

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Aug/13

[Vendor Advisory] https://source.android.com/security/bulletin/2019-02-01

[Third Party Advisory] https://usn.ubuntu.com/3979-1/

[Third Party Advisory] https://www.debian.org/security/2019/dsa-4495

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/46357/

Scores

CVSS v3 7.8

EPSS 0.0047

EPSS Percentile 64.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-415

Status published

Affected Products (4)

google/android

debian/debian_linux

debian/debian_linux

canonical/ubuntu_linux

Timeline

Published Feb 28, 2019

Tracked Since Feb 18, 2026