#VU47047 Use-after-free in Google Android - CVE-2020-0429

Cybersecurity Help s.r.o.

Published: 2020-09-17 | Updated: 2020-09-24

Vulnerability identifier: #VU47047

Vulnerability risk: Low

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-0429

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Google Android
Operating systems & Components / Operating system

Vendor: Google

Description

The vulnerability allows a local privileged user to execute arbitrary code.

In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806

Mitigation
Install update from vendor's website.

Vulnerable software versions

Google Android: All versions

External links
https://source.android.com/security/bulletin/pixel/2020-09-01

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel (Live Patch 40 for SLE 12 SP3)

SUSE update for the Linux Kernel

SUSE update for the Linux Kernel (Live Patch 39 for SLE 12 SP3)

SUSE Linux Enterprise Server update for kernel

SUSE update for the Linux Kernel (Live Patch 38 for SLE 12 SP3)

SUSE update for the Linux Kernel (Live Patch 39 for SLE 12 SP2)