Use-after-free vulnerability in HalDeathHandlerHidl.cpp allows for local privilege escalation in Android audio server
CVE-2019-2006 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-116665972
Learn more about our Cis Benchmark Audit For Google Android.