sock_sendpage

CVE numbers: CVE-2009-2692 [vulmon]
Coordinated disclosure?: false
Categories: kernel
Details: A vulnerability in the kernel allows local users to gain privileges due to function pointers not being initialised. [vulmon] According to one source, Android versions up to 3.2.6 are vulnerable [android-paper]
Discovered by: Tavis Ormandy and Julien Tinnes [cr0][archived] on: Unknown
Reported on: 2009-08-13 [cr0][archived]
Fixed on: 2009-08-13 [linux-commit]
Fix released on: Unknown
Affected versions: Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4 [cve-mitre-sock-sendpage], Android up to 2.1 [cve-mitre-sock-sendpage] regex: (1.[0-9].[0-9])|(2.[0-1].[0-9])
Affected devices: all [citation-needed]
Affected manufacturers: all [citation-needed]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-03

AndroidVulnerabilities.org