The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2016-01-06T19:00:00

Updated: 2024-08-06T07:29:24.295Z

Reserved: 2015-08-21T00:00:00

Link: CVE-2015-6640

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-01-06T19:59:05.190

Modified: 2024-11-21T02:35:21.430

Link: CVE-2015-6640

cve-icon Redhat

No data.