[Disco][SRU][CVE-2019-2181] binder: check for overflow when alloc for security context
Connor Kuehl
connor.kuehl at canonical.com
Thu Sep 26 19:14:46 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-2181.html
>From the above link:
"In binder_transaction of binder.c in the Android kernel, there is a
possible out of bounds write due to an integer overflow. This could lead to
local escalation of privilege with no additional execution privileges
needed. User interaction is needed for exploitation."
Clean cherry pick.
More information about the kernel-team
mailing list