admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-89xx/CVE-2015-8950.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

140 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-8950",
"sourceIdentifier": "security@android.com",
"published": "2016-10-10T10:59:01.260",
"lastModified": "2016-11-28T19:50:45.630",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call."
},
{
"lang": "es",
"value": "arch/arm64/mm/dma-mapping.c en el kernel de Linux en versiones anteriores a 4.0.3, como es usado en el subsistema ION en Android y otros productos, no inicializa ciertas estructuras de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel desencadenando una llamada dma_mmap."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.0.2",
"matchCriteriaId": "3918BCE8-1066-4D3E-A44A-126FCFA0C97B"
}
]
}
]
}
],
"references": [
{
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "http://source.android.com/security/bulletin/2016-10-01.html",
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3",
"source": "security@android.com",
"tags": [
"Release Notes"
]
},
{
"url": "http://www.securityfocus.com/bid/93318",
"source": "security@android.com"
},
{
"url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8",
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink