Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for nova_3e_firmware by huawei

    CVE-2019-19412 (GCVE-0-2019-19412)

    Vulnerability from nvd – Published: 2020-06-08 18:21 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
    Severity
    No CVSS data available.
    CWE
    • FRP Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei ALP-AL00B Affected: earlier than 9.0.0.181(C00E87R2P20T8)
    Create a notification for this product.
    Huawei ALP-L09 Affected: earlier than 9.0.0.201(C432E4R1P9)
    Create a notification for this product.
    Huawei ALP-L29 Affected: earlier than 9.0.0.177(C185E2R1P12T8)
    Affected: earlier than 9.0.0.195(C636E2R1P12)
    Create a notification for this product.
    Huawei Anne-AL00 Affected: earlier than 8.0.0.168(C00)
    Create a notification for this product.
    Huawei BLA-AL00B Affected: earlier than 9.0.0.181(C00E88R2P15T8)
    Create a notification for this product.
    Huawei BLA-L09C Affected: earlier than 9.0.0.177(C185E2R1P13T8)
    Affected: earlier than 9.0.0.206(C432E4R1P11)
    Create a notification for this product.
    Huawei BLA-L29C Affected: earlier than 9.0.0.179(C576E2R1P7T8)
    Affected: earlier than 9.0.0.194(C185E2R1P13)
    Affected: earlier than 9.0.0.206(C432E4R1P11)
    Affected: earlier than 9.0.0.210(C635E4R1P13)
    Create a notification for this product.
    Huawei Berkeley-AL20 Affected: earlier than 9.0.0.156(C00E156R2P14T8)
    Create a notification for this product.
    Huawei Berkeley-L09 Affected: earlier than 8.0.0.172(C432)
    Affected: earlier than 8.0.0.173(C636)
    Create a notification for this product.
    Huawei Emily-L29C Affected: earlier than 9.0.0.159(C185E2R1P12T8)
    Affected: earlier than 9.0.0.159(C461E2R1P11T8)
    Affected: earlier than 9.0.0.160(C432E7R1P11T8)
    Affected: earlier than 9.0.0.165(C605E2R1P12)
    Affected: earlier than 9.0.0.168(C636E7R1P13T8)
    Affected: earlier than 9.0.0.168(C782E3R1P11T8)
    Affected: earlier than 9.0.0.196(C635E2R1P11T8)
    Create a notification for this product.
    Huawei Figo-L03 Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L21 Affected: earlier than 9.1.0.130(C185E6R1P5T8)
    Affected: earlier than 9.1.0.130(C635E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L23 Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L31 Affected: earlier than 9.1.0.130(C432E8R1P5T8)
    Create a notification for this product.
    Huawei Florida-L03 Affected: earlier than 9.1.0.121(C605E5R1P1T8)
    Create a notification for this product.
    Huawei Florida-L21 Affected: earlier than 8.0.0.129(C605)
    Affected: earlier than 8.0.0.131(C432)
    Affected: earlier than 8.0.0.132(C185)
    Create a notification for this product.
    Huawei Florida-L22 Affected: earlier than 8.0.0.132(C636)
    Create a notification for this product.
    Huawei Florida-L23 Affected: earlier than 8.0.0.144(C605)
    Create a notification for this product.
    Huawei HUAWEI P smart Affected: earlier than 9.1.0.130(C185E6R1P5T8)
    Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei HUAWEI P smart,HUAWEI Y7s Affected: earlier than 9.1.0.124(C636E6R1P5T8)
    Create a notification for this product.
    Huawei HUAWEI P20 lite Affected: earlier than 8.0.0.148(C635)
    Affected: earlier than 8.0.0.155(C185)
    Affected: earlier than 8.0.0.155(C605)
    Affected: earlier than 8.0.0.156(C605)
    Affected: earlier than 8.0.0.157(C432)
    Create a notification for this product.
    Huawei HUAWEI nova 3e,HUAWEI P20 lite Affected: earlier than 8.0.0.147(C461)
    Affected: earlier than 8.0.0.148(ZAFC185)
    Affected: earlier than 8.0.0.160(C185)
    Affected: earlier than 8.0.0.160(C605)
    Affected: earlier than 8.0.0.168(C432)
    Affected: earlier than 8.0.0.172(C636)
    Create a notification for this product.
    Huawei Honor View 10 Affected: earlier than 9.0.0.202(C567E6R1P12T8)
    Create a notification for this product.
    Huawei Leland-AL00A Affected: earlier than 8.0.0.182(C00)
    Create a notification for this product.
    Huawei Leland-L21A Affected: earlier than 8.0.0.135(C185)
    Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L22A Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L22C Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L31A Affected: earlier than 8.0.0.139(C432)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.114Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ALP-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.181(C00E87R2P20T8)"
                }
              ]
            },
            {
              "product": "ALP-L09",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.201(C432E4R1P9)"
                }
              ]
            },
            {
              "product": "ALP-L29",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.177(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.195(C636E2R1P12)"
                }
              ]
            },
            {
              "product": "Anne-AL00",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.168(C00)"
                }
              ]
            },
            {
              "product": "BLA-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.181(C00E88R2P15T8)"
                }
              ]
            },
            {
              "product": "BLA-L09C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.177(C185E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.206(C432E4R1P11)"
                }
              ]
            },
            {
              "product": "BLA-L29C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.179(C576E2R1P7T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.194(C185E2R1P13)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.206(C432E4R1P11)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.210(C635E4R1P13)"
                }
              ]
            },
            {
              "product": "Berkeley-AL20",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.156(C00E156R2P14T8)"
                }
              ]
            },
            {
              "product": "Berkeley-L09",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.172(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.173(C636)"
                }
              ]
            },
            {
              "product": "Emily-L29C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.159(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.159(C461E2R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.160(C432E7R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.165(C605E2R1P12)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.168(C636E7R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.168(C782E3R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.196(C635E2R1P11T8)"
                }
              ]
            },
            {
              "product": "Figo-L03",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L21",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C185E6R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C635E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L23",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L31",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C432E8R1P5T8)"
                }
              ]
            },
            {
              "product": "Florida-L03",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.121(C605E5R1P1T8)"
                }
              ]
            },
            {
              "product": "Florida-L21",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.129(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.131(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.132(C185)"
                }
              ]
            },
            {
              "product": "Florida-L22",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.132(C636)"
                }
              ]
            },
            {
              "product": "Florida-L23",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.144(C605)"
                }
              ]
            },
            {
              "product": "HUAWEI P smart",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C185E6R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "HUAWEI P smart,HUAWEI Y7s",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.124(C636E6R1P5T8)"
                }
              ]
            },
            {
              "product": "HUAWEI P20 lite",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.148(C635)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.155(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.155(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.156(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.157(C432)"
                }
              ]
            },
            {
              "product": "HUAWEI nova 3e,HUAWEI P20 lite",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.147(C461)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.148(ZAFC185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.160(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.168(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.172(C636)"
                }
              ]
            },
            {
              "product": "Honor View 10",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.202(C567E6R1P12T8)"
                }
              ]
            },
            {
              "product": "Leland-AL00A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.182(C00)"
                }
              ]
            },
            {
              "product": "Leland-L21A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.135(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L22A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L22C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L31A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.139(C432)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "FRP Bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-08T15:29:39.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19412",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ALP-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.181(C00E87R2P20T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ALP-L09",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.201(C432E4R1P9)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ALP-L29",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.177(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.195(C636E2R1P12)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Anne-AL00",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.168(C00)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.181(C00E88R2P15T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-L09C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.177(C185E2R1P13T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.206(C432E4R1P11)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-L29C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.179(C576E2R1P7T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.194(C185E2R1P13)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.206(C432E4R1P11)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.210(C635E4R1P13)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Berkeley-AL20",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.156(C00E156R2P14T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Berkeley-L09",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.172(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.173(C636)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Emily-L29C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.159(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.159(C461E2R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.160(C432E7R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.165(C605E2R1P12)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.168(C636E7R1P13T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.168(C782E3R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.196(C635E2R1P11T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L03",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Figo-L21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.130(C635E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L23",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L31",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C432E8R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L03",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.121(C605E5R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.129(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.131(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.132(C185)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L22",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.132(C636)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L23",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.144(C605)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P smart",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P smart,HUAWEI Y7s",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.124(C636E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P20 lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.148(C635)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.155(C185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.155(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.156(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.157(C432)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI nova 3e,HUAWEI P20 lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.147(C461)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.148(ZAFC185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.160(C185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.160(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.168(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.172(C636)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor View 10",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.202(C567E6R1P12T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-AL00A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.182(C00)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L21A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.135(C185)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L22A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L22C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L31A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.139(C432)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "FRP Bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19412",
        "datePublished": "2020-06-08T18:21:28.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.114Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-2215 (GCVE-0-2019-2215)

    Vulnerability from nvd – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
    VLAI CISA KEVIntel
    Summary
    A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    n/a Android Affected: Kernel
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:42:50.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://source.android.com/security/bulletin/2019-10-01"
              },
              {
                "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
              },
              {
                "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2019/Nov/11"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
              },
              {
                "name": "USN-4186-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-1/"
              },
              {
                "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
              },
              {
                "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-2215",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T13:04:20.328785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2021-11-03",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:45:29.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2021-11-03T00:00:00.000Z",
                "value": "CVE-2019-2215 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Android",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-02T19:06:43.000Z",
            "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            "shortName": "google_android"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://source.android.com/security/bulletin/2019-10-01"
            },
            {
              "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
            },
            {
              "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2019/Nov/11"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
            },
            {
              "name": "USN-4186-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-1/"
            },
            {
              "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
            },
            {
              "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@android.com",
              "ID": "CVE-2019-2215",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Android",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Kernel"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://source.android.com/security/bulletin/2019-10-01",
                  "refsource": "CONFIRM",
                  "url": "https://source.android.com/security/bulletin/2019-10-01"
                },
                {
                  "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
                },
                {
                  "name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
                },
                {
                  "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2019/Nov/11"
                },
                {
                  "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
                },
                {
                  "name": "USN-4186-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-1/"
                },
                {
                  "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
                },
                {
                  "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "assignerShortName": "google_android",
        "cveId": "CVE-2019-2215",
        "datePublished": "2019-10-11T18:16:48.000Z",
        "dateReserved": "2018-12-10T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:45:29.242Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19412 (GCVE-0-2019-19412)

    Vulnerability from cvelistv5 – Published: 2020-06-08 18:21 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
    Severity
    No CVSS data available.
    CWE
    • FRP Bypass
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei ALP-AL00B Affected: earlier than 9.0.0.181(C00E87R2P20T8)
    Create a notification for this product.
    Huawei ALP-L09 Affected: earlier than 9.0.0.201(C432E4R1P9)
    Create a notification for this product.
    Huawei ALP-L29 Affected: earlier than 9.0.0.177(C185E2R1P12T8)
    Affected: earlier than 9.0.0.195(C636E2R1P12)
    Create a notification for this product.
    Huawei Anne-AL00 Affected: earlier than 8.0.0.168(C00)
    Create a notification for this product.
    Huawei BLA-AL00B Affected: earlier than 9.0.0.181(C00E88R2P15T8)
    Create a notification for this product.
    Huawei BLA-L09C Affected: earlier than 9.0.0.177(C185E2R1P13T8)
    Affected: earlier than 9.0.0.206(C432E4R1P11)
    Create a notification for this product.
    Huawei BLA-L29C Affected: earlier than 9.0.0.179(C576E2R1P7T8)
    Affected: earlier than 9.0.0.194(C185E2R1P13)
    Affected: earlier than 9.0.0.206(C432E4R1P11)
    Affected: earlier than 9.0.0.210(C635E4R1P13)
    Create a notification for this product.
    Huawei Berkeley-AL20 Affected: earlier than 9.0.0.156(C00E156R2P14T8)
    Create a notification for this product.
    Huawei Berkeley-L09 Affected: earlier than 8.0.0.172(C432)
    Affected: earlier than 8.0.0.173(C636)
    Create a notification for this product.
    Huawei Emily-L29C Affected: earlier than 9.0.0.159(C185E2R1P12T8)
    Affected: earlier than 9.0.0.159(C461E2R1P11T8)
    Affected: earlier than 9.0.0.160(C432E7R1P11T8)
    Affected: earlier than 9.0.0.165(C605E2R1P12)
    Affected: earlier than 9.0.0.168(C636E7R1P13T8)
    Affected: earlier than 9.0.0.168(C782E3R1P11T8)
    Affected: earlier than 9.0.0.196(C635E2R1P11T8)
    Create a notification for this product.
    Huawei Figo-L03 Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L21 Affected: earlier than 9.1.0.130(C185E6R1P5T8)
    Affected: earlier than 9.1.0.130(C635E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L23 Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei Figo-L31 Affected: earlier than 9.1.0.130(C432E8R1P5T8)
    Create a notification for this product.
    Huawei Florida-L03 Affected: earlier than 9.1.0.121(C605E5R1P1T8)
    Create a notification for this product.
    Huawei Florida-L21 Affected: earlier than 8.0.0.129(C605)
    Affected: earlier than 8.0.0.131(C432)
    Affected: earlier than 8.0.0.132(C185)
    Create a notification for this product.
    Huawei Florida-L22 Affected: earlier than 8.0.0.132(C636)
    Create a notification for this product.
    Huawei Florida-L23 Affected: earlier than 8.0.0.144(C605)
    Create a notification for this product.
    Huawei HUAWEI P smart Affected: earlier than 9.1.0.130(C185E6R1P5T8)
    Affected: earlier than 9.1.0.130(C605E6R1P5T8)
    Create a notification for this product.
    Huawei HUAWEI P smart,HUAWEI Y7s Affected: earlier than 9.1.0.124(C636E6R1P5T8)
    Create a notification for this product.
    Huawei HUAWEI P20 lite Affected: earlier than 8.0.0.148(C635)
    Affected: earlier than 8.0.0.155(C185)
    Affected: earlier than 8.0.0.155(C605)
    Affected: earlier than 8.0.0.156(C605)
    Affected: earlier than 8.0.0.157(C432)
    Create a notification for this product.
    Huawei HUAWEI nova 3e,HUAWEI P20 lite Affected: earlier than 8.0.0.147(C461)
    Affected: earlier than 8.0.0.148(ZAFC185)
    Affected: earlier than 8.0.0.160(C185)
    Affected: earlier than 8.0.0.160(C605)
    Affected: earlier than 8.0.0.168(C432)
    Affected: earlier than 8.0.0.172(C636)
    Create a notification for this product.
    Huawei Honor View 10 Affected: earlier than 9.0.0.202(C567E6R1P12T8)
    Create a notification for this product.
    Huawei Leland-AL00A Affected: earlier than 8.0.0.182(C00)
    Create a notification for this product.
    Huawei Leland-L21A Affected: earlier than 8.0.0.135(C185)
    Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L22A Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L22C Affected: earlier than 9.1.0.118(C636E4R1P1T8)
    Create a notification for this product.
    Huawei Leland-L31A Affected: earlier than 8.0.0.139(C432)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.114Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ALP-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.181(C00E87R2P20T8)"
                }
              ]
            },
            {
              "product": "ALP-L09",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.201(C432E4R1P9)"
                }
              ]
            },
            {
              "product": "ALP-L29",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.177(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.195(C636E2R1P12)"
                }
              ]
            },
            {
              "product": "Anne-AL00",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.168(C00)"
                }
              ]
            },
            {
              "product": "BLA-AL00B",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.181(C00E88R2P15T8)"
                }
              ]
            },
            {
              "product": "BLA-L09C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.177(C185E2R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.206(C432E4R1P11)"
                }
              ]
            },
            {
              "product": "BLA-L29C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.179(C576E2R1P7T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.194(C185E2R1P13)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.206(C432E4R1P11)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.210(C635E4R1P13)"
                }
              ]
            },
            {
              "product": "Berkeley-AL20",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.156(C00E156R2P14T8)"
                }
              ]
            },
            {
              "product": "Berkeley-L09",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.172(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.173(C636)"
                }
              ]
            },
            {
              "product": "Emily-L29C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.159(C185E2R1P12T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.159(C461E2R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.160(C432E7R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.165(C605E2R1P12)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.168(C636E7R1P13T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.168(C782E3R1P11T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.196(C635E2R1P11T8)"
                }
              ]
            },
            {
              "product": "Figo-L03",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L21",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C185E6R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C635E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L23",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "Figo-L31",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C432E8R1P5T8)"
                }
              ]
            },
            {
              "product": "Florida-L03",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.121(C605E5R1P1T8)"
                }
              ]
            },
            {
              "product": "Florida-L21",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.129(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.131(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.132(C185)"
                }
              ]
            },
            {
              "product": "Florida-L22",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.132(C636)"
                }
              ]
            },
            {
              "product": "Florida-L23",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.144(C605)"
                }
              ]
            },
            {
              "product": "HUAWEI P smart",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C185E6R1P5T8)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.130(C605E6R1P5T8)"
                }
              ]
            },
            {
              "product": "HUAWEI P smart,HUAWEI Y7s",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.124(C636E6R1P5T8)"
                }
              ]
            },
            {
              "product": "HUAWEI P20 lite",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.148(C635)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.155(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.155(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.156(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.157(C432)"
                }
              ]
            },
            {
              "product": "HUAWEI nova 3e,HUAWEI P20 lite",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.147(C461)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.148(ZAFC185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.160(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.160(C605)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.168(C432)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.172(C636)"
                }
              ]
            },
            {
              "product": "Honor View 10",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.0.0.202(C567E6R1P12T8)"
                }
              ]
            },
            {
              "product": "Leland-AL00A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.182(C00)"
                }
              ]
            },
            {
              "product": "Leland-L21A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.135(C185)"
                },
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L22A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L22C",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 9.1.0.118(C636E4R1P1T8)"
                }
              ]
            },
            {
              "product": "Leland-L31A",
              "vendor": "Huawei",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 8.0.0.139(C432)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "FRP Bypass",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-07-08T15:29:39.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19412",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ALP-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.181(C00E87R2P20T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ALP-L09",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.201(C432E4R1P9)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "ALP-L29",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.177(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.195(C636E2R1P12)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Anne-AL00",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.168(C00)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-AL00B",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.181(C00E88R2P15T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-L09C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.177(C185E2R1P13T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.206(C432E4R1P11)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "BLA-L29C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.179(C576E2R1P7T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.194(C185E2R1P13)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.206(C432E4R1P11)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.210(C635E4R1P13)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Berkeley-AL20",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.156(C00E156R2P14T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Berkeley-L09",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.172(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.173(C636)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Emily-L29C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.159(C185E2R1P12T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.159(C461E2R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.160(C432E7R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.165(C605E2R1P12)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.168(C636E7R1P13T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.168(C782E3R1P11T8)"
                              },
                              {
                                "version_value": "earlier than 9.0.0.196(C635E2R1P11T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L03",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Figo-L21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.130(C635E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L23",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Figo-L31",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C432E8R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L03",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.121(C605E5R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L21",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.129(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.131(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.132(C185)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L22",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.132(C636)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Florida-L23",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.144(C605)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P smart",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.130(C185E6R1P5T8)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.130(C605E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P smart,HUAWEI Y7s",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.124(C636E6R1P5T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI P20 lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.148(C635)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.155(C185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.155(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.156(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.157(C432)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "HUAWEI nova 3e,HUAWEI P20 lite",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.147(C461)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.148(ZAFC185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.160(C185)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.160(C605)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.168(C432)"
                              },
                              {
                                "version_value": "earlier than 8.0.0.172(C636)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  },
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Honor View 10",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.0.0.202(C567E6R1P12T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-AL00A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.182(C00)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L21A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.135(C185)"
                              },
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L22A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L22C",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 9.1.0.118(C636E4R1P1T8)"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Leland-L31A",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "earlier than 8.0.0.139(C432)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "FRP Bypass"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19412",
        "datePublished": "2020-06-08T18:21:28.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.114Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-2215 (GCVE-0-2019-2215)

    Vulnerability from cvelistv5 – Published: 2019-10-11 18:16 – Updated: 2025-10-21 23:45
    VLAI CISA KEVIntel
    Summary
    A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Elevation of privilege
    • CWE-416 - Use After Free
    Assigner
    Impacted products
    Vendor Product Version
    n/a Android Affected: Kernel
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:42:50.933Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://source.android.com/security/bulletin/2019-10-01"
              },
              {
                "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
              },
              {
                "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "https://seclists.org/bugtraq/2019/Nov/11"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
              },
              {
                "name": "USN-4186-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/4186-1/"
              },
              {
                "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
              },
              {
                "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-2215",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-07T13:04:20.328785Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2021-11-03",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-416",
                    "description": "CWE-416 Use After Free",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:45:29.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2215"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2021-11-03T00:00:00.000Z",
                "value": "CVE-2019-2215 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Android",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "Kernel"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Elevation of privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-02T19:06:43.000Z",
            "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            "shortName": "google_android"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://source.android.com/security/bulletin/2019-10-01"
            },
            {
              "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
            },
            {
              "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "https://seclists.org/bugtraq/2019/Nov/11"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
            },
            {
              "name": "USN-4186-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/4186-1/"
            },
            {
              "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
            },
            {
              "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@android.com",
              "ID": "CVE-2019-2215",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Android",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Kernel"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Elevation of privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://source.android.com/security/bulletin/2019-10-01",
                  "refsource": "CONFIRM",
                  "url": "https://source.android.com/security/bulletin/2019-10-01"
                },
                {
                  "name": "20191018 CVE 2019-2215 Android Binder Use After Free",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2019/Oct/38"
                },
                {
                  "name": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html"
                },
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20191031-0005/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
                },
                {
                  "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                  "refsource": "BUGTRAQ",
                  "url": "https://seclists.org/bugtraq/2019/Nov/11"
                },
                {
                  "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
                },
                {
                  "name": "USN-4186-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/4186-1/"
                },
                {
                  "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html"
                },
                {
                  "name": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html"
                },
                {
                  "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "assignerShortName": "google_android",
        "cveId": "CVE-2019-2215",
        "datePublished": "2019-10-11T18:16:48.000Z",
        "dateReserved": "2018-12-10T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:45:29.242Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }