CVE-2015-6640
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-6640
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Android 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。 Android 5.1.1 LMY49F之前版本和2016-01-01之前6.0版本的kernel/sys.c文件中的‘prctl_set_vma_anon_name’函数中存在安全漏洞,该漏洞源于程序在系统升级时没有确保只有一个vma可访问。攻击者可借助特制的应用程序利用该漏洞获取权限或造成拒绝服务(vma列表损坏)。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-6640
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/betalphafai/CVE-2015-6640 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-6640
请登录查看更多情报信息。
- http://source.android.com/security/bulletin/2016-01-01.htmlx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2015-6640
Same Patch Batch · n/a · 2016-01-06 · 13 CVEs total
| CVE-2015-5310 | Android Wi-Fi 安全漏洞 | |
| CVE-2015-6636 | Android mediaserver 安全漏洞 | |
| CVE-2015-6637 | Android MediaTek misc-sd驱动程序安全漏洞 | |
| CVE-2015-6638 | Android Imagination Technologies驱动程序安全漏洞 | |
| CVE-2015-6641 | Android Bluetooth 安全漏洞 | |
| CVE-2015-6642 | Android kernel 安全漏洞 | |
| CVE-2015-6643 | Android Setup Wizard 安全漏洞 | |
| CVE-2015-6644 | Android Bouncy Castle 安全漏洞 | |
| CVE-2015-6645 | Android SyncManager 拒绝服务漏洞 | |
| CVE-2015-6646 | Android kernel System V IPC 拒绝服务漏洞 | |
| CVE-2015-6639 | Android Widevine QSEE TrustZone应用程序安全漏洞 | |
| CVE-2015-6647 | Android Widevine QSEE TrustZone应用程序权限许可和访问控制问题漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2015-6640
No comments yet