Vulnerability Details : CVE-2015-9016
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.
Published
2018-04-05 18:29:00
Updated
2018-05-03 01:29:35
Vulnerability category: Memory Corruption
Products affected by CVE-2015-9016
- cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-9016
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-9016
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2015-9016
-
Assigned by: nvd@nist.gov (Primary)
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-9016
-
https://source.android.com/security/bulletin/2018-02-01
Android Security Bulletin—February 2018 | Android Open Source ProjectPatch;Vendor Advisory
-
https://www.debian.org/security/2018/dsa-4187
Debian -- Security Information -- DSA-4187-1 linux
-
https://github.com/torvalds/linux/commit/0048b4837affd153897ed1222283492070027aa9
blk-mq: fix race between timeout and freeing request · torvalds/linux@0048b48 · GitHubPatch;Vendor Advisory
Jump to