Back to search
CVE-2016-0821
Published: Mar 12, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The LIST_POISON feature in include/linux/poison.h in the Linux kernel before 4.3, as used in Android 6.0.1 before 2016-03-01, does not properly consider the relationship to the mmap_min_addr value, which makes it easier for attackers to bypass a poison-pointer protection mechanism by triggering the use of an uninitialized list entry, aka Android internal bug 26186802, a different vulnerability than CVE-2015-3636.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-2971-2
vendor-advisory
x_refsource_UBUNTU
USN-2967-1
vendor-advisory
x_refsource_UBUNTU
USN-2970-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20150502 Re: CVE request for a fixed bug existed in all versions of linux kernel from KeenTeam
mailing-list
x_refsource_MLIST
USN-2969-1
vendor-advisory
x_refsource_UBUNTU
USN-2967-2
vendor-advisory
x_refsource_UBUNTU
USN-2968-1
vendor-advisory
x_refsource_UBUNTU
http://source.android.com/security/bulletin/2016-03-01.html
x_refsource_CONFIRM
USN-2971-3
vendor-advisory
x_refsource_UBUNTU
DSA-3607
vendor-advisory
x_refsource_DEBIAN
USN-2971-1
vendor-advisory
x_refsource_UBUNTU
USN-2968-2
vendor-advisory
x_refsource_UBUNTU
84260
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now