CVE-2015-8950 in Kernelinfo

Summary

arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/11/2016

Disclosure

10/10/2016

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-200

CVSS

5.5

EPSS

0.00147

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-8950
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8950
CVE Details	https://www.cvedetails.com/cve/CVE-2015-8950/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!