PT-2016-3544 · Google+2 · Android+2

Published

2014-06-25

Updated

2016-07-12

CVE-2014-9803

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.15-rc5-next-20140519 Android versions prior to 2016-07-05 on Nexus 5X and 6P devices

Description The issue concerns the mishandling of execute-only pages in the Linux kernel, which can be exploited by attackers to gain privileges via a crafted application.

Recommendations For Linux kernel versions prior to 3.15-rc5-next-20140519, update to a version that includes the necessary fixes. For Android versions prior to 2016-07-05 on Nexus 5X and 6P devices, update to a newer version that includes the security patch.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-19

Related Identifiers

ALT-PU-2014-1819

ALT-PU-2015-1794

CVE-2014-9803

Affected Products

Alt Linux

Android

Linux Kernel

PT-2016-3544 · Google+2 · Android+2

CVE-2014-9803

Weakness Enumeration

Related Identifiers

Affected Products

References · 362