CVE-2019-2215

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 10, 2018
Published Date: October 11, 2019
Last Updated: February 07, 2025
Vendor: Google
Product: Android
Description: A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Tags

CVSS Scores

CVSS v3.1

7.8 - HIGH

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2024-04-15 06:40:04 UTC) Source

References

https://source.android.com/security/bulletin/2019-10-01 http://seclists.org/fulldisclosure/2019/Oct/38 http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en https://security.netapp.com/advisory/ntap-20191031-0005/ https://seclists.org/bugtraq/2019/Nov/11 http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html https://usn.ubuntu.com/4186-1/ https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/android/local/binder_uaf.rb	2025-04-29 11:01:10 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

binder_uaf

Type: metasploit • Created: Unknown

Metasploit module for CVE-2019-2215

XiaozaYa/CVE-2019-2215

Type: github • Created: 2024-11-18 04:51:53 UTC • Stars: 0

Andriod binder bug record

raymontag/CVE-2019-2215

Type: github • Created: 2024-07-02 10:35:30 UTC • Stars: 0

mutur4/CVE-2019-2215

Type: github • Created: 2024-04-15 06:40:04 UTC • Stars: 2

This is a critical UAF vulnerability exploit that affected the android binder IPC system used in the wild and discovered by P0

willboka/CVE-2019-2215-HuaweiP20Lite

Type: github • Created: 2024-02-04 16:08:02 UTC • Stars: 4

Exploit for CVE-2019-2215 (bad binder) for Huawei P20 Lite

stevejubx/CVE-2019-2215

Type: github • Created: 2023-11-05 14:32:11 UTC • Stars: 10

Android Kernel Vulnerability (CVE-2019-2215) temporary root PoC

elbiazo/CVE-2019-2215

Type: github • Created: 2023-05-27 20:12:18 UTC • Stars: 1

Exploit for Bad Binder

mufidmb38/CVE-2019-2215

Type: github • Created: 2021-05-07 16:48:40 UTC • Stars: 3

CVE-2019-2215

Byte-Master-101/CVE-2019-2215

Type: github • Created: 2021-02-05 06:23:28 UTC • Stars: 3

Temproot for Pixel 2 and Pixel 2 XL via CVE-2019-2215

c3r34lk1ll3r/CVE-2019-2215

Type: github • Created: 2020-10-27 14:43:17 UTC • Stars: 10

PoC for old Binder vulnerability (based on P0 exploit)

qre0ct/android-kernel-exploitation-ashfaq-CVE-2019-2215

Type: github • Created: 2020-04-25 07:31:35 UTC • Stars: 6

android-kernel-exploitation-ashfaq-CVE-2019-2215 docker setup for mac users

LIznzn/CVE-2019-2215

Type: github • Created: 2020-01-30 06:06:32 UTC • Stars: 24

Temproot for Bravia TV via CVE-2019-2215.

ATorNinja/CVE-2019-2215

Type: github • Created: 2019-10-17 02:14:36 UTC • Stars: 0

CVE 2019-2215 Android Binder Use After Free

raystyle/CVE-2019-2215

Type: github • Created: 2019-10-12 03:22:27 UTC • Stars: 2

timwr/CVE-2019-2215

Type: github • Created: 2019-10-04 06:32:08 UTC • Stars: 75

Timeline

CVE ID Reserved

December 10, 2018
CVE Published to Public

October 11, 2019
Added to KEVIntel

November 03, 2021
Proof of Concept Exploit Available

April 15, 2024
Detected by Metasploit

April 29, 2025