Use-after-free vulnerability in libstagefright allows for local privilege escalation

Use-after-free vulnerability in libstagefright allows for local privilege escalation

CVE-2019-9268 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In libstagefright, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-77474014

Learn more about our Cis Benchmark Audit For Google Android.