QwikSec

Security Database

CVE

CWE

Training

CVE-2015-0571

Published: May 9, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://source.android.com/security/bulletin/2016-05-01.html

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://www.codeaurora.org/projects/security-advisories/multiple-issues-wlan-driver-allow-local-privilege-escalation-cve-2015

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.