CVE-2020-0041 – Google / Android – Out-of-bounds write

CVE-2020-0041 is an out-of-bounds write vulnerability impacting Google Android. An exploit was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used to support rooting malware deployment operations.

Summary:

CVE-2020-0041 is an out-of-bounds write vulnerability impacting Google Android. An exploit was observed in open source and subsequently shared in the underground. Security researchers claimed the vulnerability was used to support rooting malware deployment operations.

PoC Links(if available):

BFS Labs exploit –
https://labs.bluefrostsecurity.de/blog/2020/04/08/cve-2020-0041-part-2-escalating-to-root/

Known Counter Measures:

Android addressed the vulnerability in a security bulletin with patches.

Links to patches(if available)

https://source.android.com/security/bulletin/2020-03-01