Main Vulnerability Database Exploits ID:9185 - Exploit for Out-of-bounds write in Google Android - CVE-2020-0041

ID:9185 - Exploit for Out-of-bounds write in Google Android - CVE-2020-0041

Published: July 15, 2023

Vulnerability identifier: #VU34785

Vulnerability risk: Low

CVE-ID: CVE-2020-0041

CWE-ID: CWE-787

Exploitation vector: Local access

Vulnerable software:
Google Android

Link to public exploit:

https://github.com/jcalabres/CVE-2020-0041-Pixel-3a

Vulnerability description

The vulnerability allows a local authenticated user to execute arbitrary code.

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel

Remediation

Install update from vendor's website.

ID:9185 - Exploit for Out-of-bounds write in Google Android - CVE-2020-0041

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human