CVE-2015-1805

EPSS 14.77% · P95 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-1805

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel‘fs/pipe.c’本地内存损坏漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.16之前版本的fs/pipe.c文件中的pipe_read和pipe_write实现过程中存在安全漏洞，该漏洞源于程序没有正确考虑failed __copy_to_user_inatomic和__copy_from_user_inatomic调用的副效应。本地攻击者可借助特制的应用程序利用该漏洞造成拒绝服务（系统崩溃

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-1805

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/panyu6325/CVE-2015-1805	POC Details
2	CVE-2015-1805 root tool	https://github.com/dosomder/iovyroot	POC Details
3	None	https://github.com/FloatingGuy/cve-2015-1805	POC Details
4	A root tool based on the [CVE-2015-1805 vulnerability](https://access.redhat.com/security/cve/cve-2015-1805) It supports 32 and 64bit, get sys call table address via swi.	https://github.com/mobilelinux/iovy_root_research	POC Details
5	AndroRAT is a capability that can be used to inject a root exploit as a silent installation to perform a malicious task on the device. This AndroRAT is designed to exploit CVE-2015-1805, a vulnerability that was discovered and made public in 2016.	https://github.com/ireshchaminda1/Android-Privilege-Escalation-Remote-Access-Vulnerability-CVE-2015-1805	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-1805

请登录查看更多情报信息。

https://bugzilla.redhat.com/show_bug.cgi?id=1202855x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlx_refsource_CONFIRM
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1x_refsource_CONFIRM
Android Security Bulletin—May 2016 | Android Open Source Projectx_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1x_refsource_CONFIRM
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045x_refsource_CONFIRM
http://source.android.com/security/bulletin/2016-04-02.htmlx_refsource_CONFIRM
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045x_refsource_CONFIRM
http://www.securityfocus.com/bid/74951vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032454vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2015/dsa-3290vendor-advisoryx_refsource_DEBIAN
http://www.ubuntu.com/usn/USN-2681-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2967-1vendor-advisoryx_refsource_UBUNTU
USN-2967-2: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices | Ubuntuvendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/USN-2679-1vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2015-1190.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1211.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1120.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1042.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1137.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1082.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1138.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1199.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1081.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.htmlvendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.htmlvendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/06/06/2mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2015-1805

Same Patch Batch · n/a · 2015-08-08 · 10 CVEs total

CVE-2015-2897		Sierra Wireless ALEOS 信息泄露漏洞
CVE-2015-2980		Yodobashi Camera Yodobashi for Android 信息泄露漏洞
CVE-2015-2744		Mozilla Firefox OS Gaia 跨站脚本漏洞
CVE-2015-2745		Mozilla Firefox OS Gaia 跨站脚本漏洞
CVE-2015-4494		Mozilla Firefox OS 信息泄露漏洞
CVE-2015-4495		多款Mozilla产品PDF阅读器安全漏洞
CVE-2015-5960		Mozilla Firefox OS 安全绕过漏洞
CVE-2015-5961		Mozilla Firefox OS 权限许可和访问控制漏洞
CVE-2015-5962		Mozilla Firefox OS graphics layer 数字错误漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-1805

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-1805

I. Basic Information for CVE-2015-1805

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-1805

III. Intelligence Information for CVE-2015-1805

Same Patch Batch · n/a · 2015-08-08 · 10 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-1805

Leave a comment