[CVE-2015-6640] poc by Edward Hung sourceandroidcom/security/bulletin/2016-01-01html androidgooglesourcecom/kernel/common/+/69bfe2d957d903521d32324190c2754cb073be15%5E%21/#F0
The prctl_set_vma_anon_name function in kernel/sys.c in Android prior to 5.1.1 LMY49F and 6.0 prior to 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows malicious users to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android 5.0 |
||
google android 5.1.1 |
||
google android 4.4.4 |
||
google android 6.0 |