CVSSv2: 7.2

CVE-2015-1805

Published: 08/08/2015 Updated: 05/01/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 643
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel prior to 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

Vulnerable Products

google android 6.0

google android 5.1.1

google android 4.4.3

google android 5.1

google android 5.0.1

linux linux kernel

Vendor Advisories

It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to ...
Several security issues were fixed in the kernel ...

GitHub Repositories

CVE-2015-1805 root tool

iovyroot: A root tool based on the CVE-2015-1805 vulnerability. It supports 32- and 64-bit but requires absolute kernel addresses (see offsets.c). PoC was done by idler1984: github.com/idl3r/testcode

practice

Some exploits for practice: cve-2015-1805; cve-2017-7184 (just a practice, should use setcap tool); cve-2017-2636 (SMAP/SMEP bypass); cve-2017-8890_v0 (with nosmep, nosmap); cve-2017-8890_v1 (with smep, nosmap); cve-2017-8890_v2 (with smep, nosmap, for SLUB); xfrm_poc (RE challenge)

A root tool based on the [CVE-2015-1805 vulnerability](https://access.redhat.com/security/cve/cve-2015-1805). It supports 32- and 64-bit and gets the sys_call_table address via swi.

Inspired by [dosomder/iovyroot](github.com/dosomder/iovyroot). A root tool based on the CVE-2015-1805 vulnerability. It supports 32- and 64-bit and gets the sys_call_table address via swi; ref to "Getting sys_call_table on Android".

AndroRAT is a capability that can be used to inject a root exploit as a silent installation to perform a malicious task on the device. This AndroRAT is designed to exploit CVE-2015-1805, a vulnerability that was discovered and made public in 2016.

Android-Privilege-Escalation-Remote-Access-Vulnerability-CVE-2015-1805: inject a root exploit as a silent installation to perform a malicious task on the device. Vulnerability: AndroRAT does not focus on targeting a specific user but rather works to acquire the confidence of the entire network. Exploits are used to facilitate the movement of data around a network and the uploadin

Awesome List of my own!

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents Brainfuck C C# C++ CMake CSS CoffeeScript Dart Dockerfile Go HTML Handlebars Java JavaScript Jupyter Notebook Kotlin Lua Makefile Markdown Mercury Objective-C Others PHP Pascal Python QML Roff Ruby Rust SCSS Shell Stylus Swift TypeScript Vala Vue Brainfuck kiddin9/OpenWrt_x86-r2s-r4s-r5s-N1 -

Cybersecurity Case Studies: CVE-2015-1805 Google Android. This study is about vulnerability CVE-2015-1805 that applied to rooting apps. This fault allows malicious apps to gain “root” access to all Android phones with a kernel version below 3.18. Credit Card Breach at Home Depot: A breach often leads to loss of sensitive data by the companies followed by lawsuits, f

Recent Articles

Google spews critical Android patch as millions of gadgets hit by Linux kernel bug
The Register • Darren Pauli • 22 Mar 2016

Firmware update needed to sink blunder that lets apps hijack devices

Google has shipped an out-of-band patch for Android shuttering a bug that is under active exploitation to root devices. The vulnerability (CVE-2015-1805) affects all Android devices running Linux kernel versions below 3.18 – we're talking millions of gadgets and handhelds, here. The vulnerability is a privilege elevation that lets apps execute arbitrary code in the kernel, allowing normal software to commandeer the hardware and install spyware, malware or legit custom firmware. Affected users ...

References

CWE-17
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
https://bugzilla.redhat.com/show_bug.cgi?id=1202855
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
http://www.openwall.com/lists/oss-security/2015/06/06/2
http://www.debian.org/security/2015/dsa-3290
http://rhn.redhat.com/errata/RHSA-2015-1199.html
http://rhn.redhat.com/errata/RHSA-2015-1211.html
http://rhn.redhat.com/errata/RHSA-2015-1190.html
http://source.android.com/security/bulletin/2016-04-02.html
http://source.android.com/security/bulletin/2016-05-01.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/74951
http://rhn.redhat.com/errata/RHSA-2015-1042.html
http://www.securitytracker.com/id/1032454
http://rhn.redhat.com/errata/RHSA-2015-1120.html
http://www.ubuntu.com/usn/USN-2967-1
http://www.ubuntu.com/usn/USN-2967-2
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html
http://www.ubuntu.com/usn/USN-2681-1
http://www.ubuntu.com/usn/USN-2680-1
http://www.ubuntu.com/usn/USN-2679-1
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
http://rhn.redhat.com/errata/RHSA-2015-1138.html
http://rhn.redhat.com/errata/RHSA-2015-1137.html
http://rhn.redhat.com/errata/RHSA-2015-1082.html
http://rhn.redhat.com/errata/RHSA-2015-1081.html
https://nvd.nist.gov
https://alas.aws.amazon.com/ALAS-2015-565.html
https://usn.ubuntu.com/2967-1/