CVE-2015-8950
N/A
N/A
Summary
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8
- https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5
- http://source.android.com/security/bulletin/2016-10-01.html
- http://www.securityfocus.com/bid/93318
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5
References
- https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8
- https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5
- http://source.android.com/security/bulletin/2016-10-01.html
- http://www.securityfocus.com/bid/93318
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.