CVE-2015-1805— Linux kernel‘fs/pipe.c’本地内存损坏漏洞

EPSS 14.77% · P95 更新于 2026-02-21

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2015-1805 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Linux kernel‘fs/pipe.c’本地内存损坏漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.16之前版本的fs/pipe.c文件中的pipe_read和pipe_write实现过程中存在安全漏洞，该漏洞源于程序没有正确考虑failed __copy_to_user_inatomic和__copy_from_user_inatomic调用的副效应。本地攻击者可借助特制的应用程序利用该漏洞造成拒绝服务（系统崩溃

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE	订阅
-	n/a	n/a	-

二、漏洞 CVE-2015-1805 的公开POC

#	POC 描述	源链接	神龙链接
1	None	https://github.com/panyu6325/CVE-2015-1805	POC详情
2	CVE-2015-1805 root tool	https://github.com/dosomder/iovyroot	POC详情
3	None	https://github.com/FloatingGuy/cve-2015-1805	POC详情
4	A root tool based on the [CVE-2015-1805 vulnerability](https://access.redhat.com/security/cve/cve-2015-1805) It supports 32 and 64bit, get sys call table address via swi.	https://github.com/mobilelinux/iovy_root_research	POC详情
5	AndroRAT is a capability that can be used to inject a root exploit as a silent installation to perform a malicious task on the device. This AndroRAT is designed to exploit CVE-2015-1805, a vulnerability that was discovered and made public in 2016.	https://github.com/ireshchaminda1/Android-Privilege-Escalation-Remote-Access-Vulnerability-CVE-2015-1805	POC详情

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2015-1805 的情报信息

Please 登录 to view more intelligence information

https://bugzilla.redhat.com/show_bug.cgi?id=1202855x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlx_refsource_CONFIRM
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1x_refsource_CONFIRM
Android Security Bulletin—May 2016 | Android Open Source Projectx_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1x_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045x_refsource_CONFIRM
http://source.android.com/security/bulletin/2016-04-02.htmlx_refsource_CONFIRM
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045x_refsource_CONFIRM
http://www.securityfocus.com/bid/74951vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032454vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2015/dsa-3290vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2681-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2967-1vendor-advisoryx_refsource_UBUNTU
USN-2967-2: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices | Ubuntuvendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2679-1vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-1190.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1211.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1120.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1042.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1137.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1082.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1138.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1199.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1081.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.htmlvendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/06/06/2mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2015-1805

同批安全公告 · n/a · 2015-08-08 · 共 10 条

CVE-2015-2897		Sierra Wireless ALEOS 信息泄露漏洞
CVE-2015-2980		Yodobashi Camera Yodobashi for Android 信息泄露漏洞
CVE-2015-2744		Mozilla Firefox OS Gaia 跨站脚本漏洞
CVE-2015-2745		Mozilla Firefox OS Gaia 跨站脚本漏洞
CVE-2015-4494		Mozilla Firefox OS 信息泄露漏洞
CVE-2015-4495		多款Mozilla产品PDF阅读器安全漏洞
CVE-2015-5960		Mozilla Firefox OS 安全绕过漏洞
CVE-2015-5961		Mozilla Firefox OS 权限许可和访问控制漏洞
CVE-2015-5962		Mozilla Firefox OS graphics layer 数字错误漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-1805

暂无评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2015-1805— Linux kernel‘fs/pipe.c’本地内存损坏漏洞

一、漏洞 CVE-2015-1805 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2015-1805 的公开POC

三、漏洞 CVE-2015-1805 的情报信息

同批安全公告 · n/a · 2015-08-08 · 共 10 条

IV. Related Vulnerabilities

V. Comments for CVE-2015-1805

发表评论

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

CVE-2015-1805— Linux kernel‘fs/pipe.c’本地内存损坏漏洞

一、 漏洞 CVE-2015-1805 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2015-1805 的公开POC

三、漏洞 CVE-2015-1805 的情报信息

同批安全公告 · n/a · 2015-08-08 · 共 10 条

IV. Related Vulnerabilities

V. Comments for CVE-2015-1805

发表评论

目标达成感谢每一位支持者 — 我们达成了 100% 目标！

一、漏洞 CVE-2015-1805 基础信息