Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
androidRed HatANDROID:PIPE_INATOMIC
HistoryJun 06, 2015 - 12:00 a.m.

pipe inatomic

2015-06-0600:00:00
Red Hat
www.androidvulnerabilities.org
30

0.0004 Low

EPSS

Percentile

10.1%

JSON

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an โ€˜I/O vector array overrun.โ€™
This is a known issue in the upstream Linux kernel that was fixed in April 2014 but wasnโ€™t called out as a security fix and assigned CVE-2015-1805 until February 2, 2015. On February 19, 2016, C0RE Team notified Google that the issue could be exploited on Android and a patch was developed to be included in an upcoming regularly scheduled monthly update. On March 15, 2016 Google received a report from Zimperium that this vulnerability had been abused on a Nexus 5 device. Google has confirmed the existence of a publicly available rooting application that abuses this vulnerability on Nexus 5 and Nexus 6 to provide the device user with root privileges.

CPENameOperatorVersion
androidlt3.10 and 3.14

Related

nessus 52
openvas 39
threatpost 3
redhat 13
cvelist 2
oraclelinux 9
nvd 2
centos 4
ubuntucve 2
veracode 6
androidsecurity 3
f5 3
debiancve 2
prion 2
cve 2
android 1
ubuntu 8
thn 3
securityvulns 2
debian 7
osv 5
amazon 1
suse 10
googleprojectzero 1
ibm 1
lenovo 1
nessus
nessus
Oracle Linux 5 : ELSA-2015-1042-1: / kernel (ELSA-2015-10421)
2023-09-07 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (SOL17458)
2015-10-20 00:00:00
RHEL 5 : kernel (RHSA-2015:1120)
2015-06-17 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2015:1042 centos5
2015-06-09 00:00:00
RedHat Update for kernel RHSA-2015:1042-01
2015-06-09 00:00:00
Oracle: Security Advisory (ELSA-2015-1042-1)
2015-10-06 00:00:00
threatpost
threatpost
Android Rooting Application Emergency Patch
2016-03-23 07:00:46
April 2016 Google Android Nexus Security Bulletin
2016-04-04 14:00:22
Google Detects and Boots Tizi Spyware Off Google Play
2017-11-28 12:40:09
redhat
redhat
(RHSA-2015:1042) Important: kernel security and bug fix update
2015-06-02 00:00:00
(RHSA-2015:1120) Important: kernel security and bug fix update
2015-06-16 00:00:00
(RHSA-2015:1211) Important: kernel security and bug fix update
2015-07-07 00:00:00
cvelist
cvelist
CVE-2015-1805
2015-08-08 10:00:00
CVE-2016-0774
2016-04-27 17:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2015-06-02 00:00:00
kernel security and bug fix update
2015-06-03 00:00:00
Unbreakable Enterprise kernel security update
2016-03-23 00:00:00
nvd
nvd
CVE-2015-1805
2015-08-08 10:59:00
CVE-2016-0774
2016-04-27 17:59:06
centos
centos
kernel security update
2015-06-03 01:55:17
kernel, perf, python security update
2016-03-23 13:20:33
kernel, perf, python security update
2015-06-10 09:06:44
ubuntucve
ubuntucve
CVE-2015-1805
2015-06-03 00:00:00
CVE-2016-0774
2016-04-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:06
Memory Corruption
2019-05-02 05:39:39
Privilege Escalation
2019-05-02 05:39:47
androidsecurity
androidsecurity
Android Security Advisory โ€” 2016-03-18
2016-03-18 00:00:00
Nexus Security Bulletinโ€”April 2016
2016-04-04 00:00:00
Android Security Bulletinโ€”May 2016
2016-05-02 00:00:00
f5
f5
K17458 : Linux kernel vulnerability CVE-2015-1805
2015-10-19 00:00:00
SOL17458 - Linux kernel vulnerability CVE-2015-1805
2015-10-19 00:00:00
K08440897 : Linux kernel vulnerability CVE-2016-0774
2016-07-13 00:00:00
debiancve
debiancve
CVE-2015-1805
2015-08-08 10:59:00
CVE-2016-0774
2016-04-27 17:59:06
prion
prion
Design/Logic Flaw
2015-08-08 10:59:00
Design/Logic Flaw
2016-04-27 17:59:00
cve
cve
CVE-2015-1805
2015-08-08 10:59:00
CVE-2016-0774
2016-04-27 17:59:06
android
android
CVE-2015-1805
2016-04-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2015-07-23 00:00:00
Linux kernel (OMAP4) vulnerabilities
2015-07-23 00:00:00
Linux kernel vulnerabilities
2015-07-23 00:00:00
thn
thn
First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges
2017-09-26 02:52:00
This New Android Malware Can Gain Root Access to Your Smartphones
2021-10-29 13:48:00
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
2017-11-27 22:29:00
securityvulns
securityvulns
[SECURITY] [DSA 3290-1] linux security update
2015-06-21 00:00:00
Linux kernel security vulnerabilities
2015-06-21 00:00:00
debian
debian
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DLA 439-1] linux-2.6 security update
2016-02-29 18:43:11
osv
osv
linux - security update
2015-06-18 00:00:00
linux-2.6 - security update
2016-02-29 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
amazon
amazon
Medium: kernel
2015-07-22 10:00:00
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:15:30
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
googleprojectzero
googleprojectzero
In-the-Wild Series: Android Exploits
2021-01-12 00:00:00
ibm
ibm
Security Bulletin: PowerKVM is affected by Linux Kernel vulnerabilities (multiple CVEs)
2018-06-18 01:28:49
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for ANDROID:PIPE_INATOMIC
nessus52openvas39threatpost3redhat13cvelist2oraclelinux9nvd2centos4ubuntucve2veracode6androidsecurity3f53debiancve2prion2cve2android1ubuntu8thn3securityvulns2debian7osv5amazon1suse10googleprojectzero1ibm1lenovo1