CVE-2015-3636

CVE numbers: CVE-2015-3636 [Bulletin-CVE-2015-3636]
Coordinated disclosure?: unknown
Categories: Elevation Privilege Vulnerability in Kernel
Details: The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect. [NIST-CVE-2015-3636]
Discovered by: on: Unknown
Reported on: 2015-09-01 [Bulletin-CVE-2015-3636]
Fixed on: 2015-05-02 [ANDROID-20770158]
Fix released on: Unknown
Affected versions: 5.1 and below [Bulletin-CVE-2015-3636] regex: ([1-4].[0-9].[0-9])|(5.[0-1].[0-9])
Affected devices:
Affected manufacturers: all [Bulletin-CVE-2015-3636]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-29

AndroidVulnerabilities.org