← Back

CVE-2015-9004

nvd nist
Published: May 2, 2017Modified: May 13, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Affected (6)

Linux
1 product
Linux Kernel
Google
1 product
Android
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Linux
Linux Kernel
Before 3.2.95
Linux Kernel
From 3.10.65 to 3.10.105
Linux Kernel
From 3.12 to 3.12.68
Linux Kernel
From 3.14.29 to 3.16.35
Linux Kernel
From 3.18.3 to 3.18.52
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Android
Up to 7.1.1

Related CWEs

CWE-264
CWE-264

References (8)

Source: security@android.com
Issue TrackingPatchThird Party Advisory
Source: security@android.com
Third Party AdvisoryVDB Entry
Source: security@android.com
Issue TrackingPatchThird Party Advisory
Source: security@android.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.