← volver
CVE-2015-8950

CVE-2015-8950

EPSS 1.5%
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5http://source.android.com/security/bulletin/2016-10-01.htmlhttps://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3http://www.securityfocus.com/bid/93318