Binary-Kernel-Android-Exploitation-Roadmap

Android Kernel CVE Lab: CVE-2019-2215 (Binder UAF)

This lab recreates CVE-2019-2215, a Use-After-Free in the Android Binder driver that allows local privilege escalation.

Overview

This bug affects Android 8.x (kernels 3.18, 4.4 and 4.9). It is reachable from a malicious app and can be triggered from unprivileged userspace.

Objectives

Instructions

  1. Run fetch_and_build.sh to get and compile the kernel.
  2. Launch it using boot_qemu.sh.
  3. Compile and test the PoC in poc/.

Note: This version reintroduces the vulnerability by patching the Binder code.

References