Double Free Vulnerability in GateKeeper::MintAuthToken in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9

Double Free Vulnerability in GateKeeper::MintAuthToken in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9

CVE-2019-2115 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Learn more about our Cis Benchmark Audit For Google Android.