The following is the exploit for the bad binder (CVE-2019-2215) vulnz that was tested on an x86 Emulator. The aim was to abuse the UAF vulnerability to trigger an AAR primitive to leak kernel addresses and use an AAW primitive to overwrite addr_limit leading to a Kernel Read and Write primitive allowing us to modify the cred_struct for Local-Priviledge-Escalation (LPE).
-
Notifications
You must be signed in to change notification settings - Fork 1
mutur4/CVE-2019-2215
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
This is a critical UAF vulnerability exploit that affected the android binder IPC system used in the wild and discovered by P0