The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8a5e5e02fc83aaf67053ab53b359af08c6c49aaf

source.android.com/security/bulletin/2016-03-01.html

www.debian.org/security/2016/dsa-3607

www.openwall.com/lists/oss-security/2015/05/02/6

www.securityfocus.com/bid/84260

www.ubuntu.com/usn/USN-2967-1

www.ubuntu.com/usn/USN-2967-2

www.ubuntu.com/usn/USN-2968-1

www.ubuntu.com/usn/USN-2968-2

www.ubuntu.com/usn/USN-2969-1

www.ubuntu.com/usn/USN-2970-1

www.ubuntu.com/usn/USN-2971-1

www.ubuntu.com/usn/USN-2971-2

www.ubuntu.com/usn/USN-2971-3

github.com/torvalds/linux/commit/8a5e5e02fc83aaf67053ab53b359af08c6c49aaf

nvd 2

ubuntucve 2

prion 2

debiancve 2

cve 2

f5 2

thn 4

nessus 53

android 2

cloudfoundry 2

redhat 6

openvas 54

cvelist 1

fedora 8

amazon 1

oraclelinux 5

ubuntu 17

talosblog 1

securityvulns 4

debian 5

veracode 1

mageia 3

osv 3

centos 2

securelist 1

suse 10

ibm 1

androidsecurity 2

lenovo 1

nvd

CVE-2016-0821

2016-03-12 21:59:05

CVE-2015-3636

2015-08-06 01:59:00

ubuntucve

CVE-2016-0821

2016-03-12 00:00:00

CVE-2015-3636

2015-05-02 00:00:00

prion

Design/Logic Flaw

2016-03-12 21:59:00

Code injection

2015-08-06 01:59:00

debiancve

CVE-2016-0821

2016-03-12 21:59:05

CVE-2015-3636

2015-08-06 01:59:00

cve

CVE-2016-0821

2016-03-12 21:59:05

CVE-2015-3636

2015-08-06 01:59:00

SOL17246 - Linux kernel vulnerability CVE-2015-3636

2015-09-08 00:00:00

K17246 : Linux kernel vulnerability CVE-2015-3636

2015-09-08 00:00:00

thn

New Android Malware Secretly Records Phone Calls and Steals Private Data

2018-04-03 14:21:00

CopyCat Android Rooting Malware Infected 14 Million Devices

2017-07-06 05:17:00

This New Android Malware Can Gain Root Access to Your Smartphones

2021-10-29 13:48:00

nessus

F5 Networks BIG-IP : Linux kernel vulnerability (K17246)

2015-09-09 00:00:00

Fedora 22 : kernel-4.0.2-300.fc22 (2015-7784)

2015-05-12 00:00:00

RHEL 6 : kernel (RHSA-2015:1583)

2015-08-12 00:00:00

android

PingPongRoot

2015-05-08 00:00:00

CVE-2015-3636

2015-09-01 00:00:00

cloudfoundry

CVE-2015-3636 - ipv4 use-after-free | Cloud Foundry

2015-06-12 00:00:00

USN-2970-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry

2016-06-03 00:00:00

redhat

(RHSA-2015:1643) Moderate: kernel security and bug fix update

2015-08-18 00:00:00

(RHSA-2015:1583) Moderate: kernel security and bug fix update

2015-08-11 00:00:00

(RHSA-2015:1564) Moderate: kernel-rt security, bug fix, and enhancement update

2015-08-05 00:00:00

openvas

Fedora Update for kernel FEDORA-2015-7784

2015-07-07 00:00:00

F5 BIG-IP - Linux kernel vulnerability CVE-2015-3636

2015-09-18 00:00:00

Oracle: Security Advisory (ELSA-2015-3049)

2015-10-06 00:00:00

cvelist

CVE-2015-3636

2015-08-06 01:00:00

fedora

[SECURITY] Fedora 22 Update: kernel-4.0.2-300.fc22

2015-05-11 19:03:23

[SECURITY] Fedora 21 Update: kernel-4.0.4-202.fc21

2015-06-01 17:07:06

[SECURITY] Fedora 21 Update: kernel-3.19.7-200.fc21

2015-05-12 20:41:10

amazon

Medium: kernel

2015-05-14 14:27:00

oraclelinux

Unbreakable Enterprise kernel security update

2015-07-16 00:00:00

Unbreakable Enterprise kernel security update

2015-07-15 00:00:00

kernel security and bug fix update

2015-08-05 00:00:00

ubuntu

Linux kernel vulnerabilities

2015-06-10 00:00:00

Linux kernel vulnerabilities

2015-06-10 00:00:00

Linux kernel (Utopic HWE) vulnerabilities

2015-06-10 00:00:00

talosblog

Fake AV Investigation Unearths KevDroid, New Android Malware

2018-04-02 08:48:00

securityvulns

[USN-2634-1] Linux kernel vulnerabilities

2015-06-13 00:00:00

[SECURITY] [DSA 3290-1] linux security update

2015-06-21 00:00:00

Linux kernel security vulnerabilities

2015-06-21 00:00:00

debian

[SECURITY] [DSA 3290-1] linux security update

2015-06-18 06:58:51

[SECURITY] [DSA 3290-1] linux security update

2015-06-18 06:58:51

[SECURITY] [DLA 516-1] linux security update

2016-06-17 12:12:11

veracode

Privilege Escalation

2019-05-02 05:41:45

mageia

Updated kernel-linus packages fix security vulnerabilities

2015-05-13 20:18:54

Updated kernel packages fix security vulnerabilities

2015-05-11 23:10:38

Updated kernel-tmb packages fix security vulnerabilities

2015-05-13 18:54:07

osv

linux - security update

2015-06-18 00:00:00

linux - security update

2016-06-17 00:00:00

linux - security update

2016-06-28 00:00:00

centos

kernel, perf, python security update

2015-08-06 04:42:16

kernel, perf, python security update

2015-07-15 15:04:33

securelist

Skygofree: Following in the footsteps of HackingTeam

2018-01-16 10:00:58

suse

Live patch for the Linux Kernel (important)

2015-09-04 12:16:25

Live patch for the Linux Kernel (important)

2015-09-04 12:09:23

Live patch for the Linux Kernel (important)

2015-09-04 12:11:01

ibm

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

2018-06-18 01:29:25

androidsecurity

Nexus Security Bulletin - September 2015

2015-09-09 00:00:00

Nexus Security Bulletin - March 2016

2016-03-07 00:00:00

lenovo

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

2020-04-13 19:22:04

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.9%

JSON

Related for CVELIST:CVE-2016-0821