Vulnerability CVE-2020-0009


Published: 2020-01-08

Description:
In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared between processes, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-142938932

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Android ashmem Read-Only Bypasses
Jann Horn
12.01.2020

Type:

CWE-276

(Incorrect Default Permissions)

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Google -> Android 

 References:
http://packetstormsecurity.com/files/155903/Android-ashmem-Read-Only-Bypasses.html
https://source.android.com/security/bulletin/2020-01-01
https://source.android.com/security/bulletin/2020-01-11

Copyright 2020, cxsecurity.com

 

Back to Top