Back to all categorys

Elevation of Privilege Vulnerability in Kernel

CVE-2015-6640

(json)

• CVE numbers: CVE-2015-6640 [Bulletin-CVE-2015-6640]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Kernel
• Details: The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123. [NIST-CVE-2015-6640]
• Discovered by: on: Unknown
• Reported on: 2016-01-01 [Bulletin-CVE-2015-6640]
• Fixed on: 2014-08-05 [ANDROID-20017123]
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0, 5.1.1, 6.0 [Bulletin-CVE-2015-6640] regex: (4.4.4)|(5.0.[0-9])|(5.1.1)|(6.0.[0-9])
• Affected devices:
• Affected manufacturers: all [Bulletin-CVE-2015-6640]
• Fixed versions: 4.4.4, 5.0, 5.1.1, 6.0 [Bulletin-CVE-2015-6640]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2014-9322

(json)

• CVE numbers: CVE-2014-9322 [Bulletin-CVE-2014-9322]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Kernel
• Details: arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. [NIST-CVE-2014-9322]
• Discovered by: on: Unknown
• Reported on: 2016-04-02 [Bulletin-CVE-2014-9322]
• Fixed on: 2014-12-04 [11]
• Fix released on: Unknown
• Affected versions: 6.0, 6.0.1 [Bulletin-CVE-2014-9322] regex: (6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: all [Bulletin-CVE-2014-9322]
• Fixed versions: 6.0, 6.0.1 [Bulletin-CVE-2014-9322]
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2015-1805

(json)

• CVE numbers: CVE-2015-1805 [Bulletin-CVE-2015-1805]
• Coordinated disclosure?: unknown
• Categories: Elevation of Privilege Vulnerability in Kernel
• Details: The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun." [NIST-CVE-2015-1805]
• Discovered by: on: Unknown
• Reported on: 2016-04-02 [Bulletin-CVE-2015-1805]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2015-1805] regex: (4.4.4)|(5.0.2)|(5.1.1)|(6.0.[0-9])|(6.0.1)
• Affected devices:
• Affected manufacturers: all [Bulletin-CVE-2015-1805]
• Fixed versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1 [Bulletin-CVE-2015-1805]
• Submission: by: Daniel Carter, on: 2019-07-29