{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-26T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01.000Z", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"name": "84265", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/84265"}, {"tags": ["x_refsource_MISC"], "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://source.android.com/security/bulletin/2016-03-01.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2016-0823", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "84265", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84265"}, {"name": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html", "refsource": "MISC", "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"}, {"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3"}, {"name": "http://source.android.com/security/bulletin/2016-03-01.html", "refsource": "CONFIRM", "url": "http://source.android.com/security/bulletin/2016-03-01.html"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"name": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:30:05.021Z"}, "title": "CVE Program Container", "references": [{"name": "84265", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/84265"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://source.android.com/security/bulletin/2016-03-01.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}]}]}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-0823", "datePublished": "2016-03-12T21:00:00.000Z", "dateReserved": "2015-12-16T00:00:00.000Z", "dateUpdated": "2024-08-05T22:30:05.021Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E335FBB-6DCB-4D93-92DD-B57D792B07F4", "versionEndIncluding": "3.19.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721."}, {"lang": "es", "value": "La funci\u00f3n pagemap_open en fs/proc/task_mmu.c en el kernel de Linux en versiones anteriores a 3.19.3, tal como se utiliza en Android 6.0.1 en versiones anteriores a 2016-03-01, permite a usuarios locales obtener informaci\u00f3n sensible de la direcci\u00f3n f\u00edsica leyendo un archivo pagemap, tambi\u00e9n conocido como error interno de Android 25739721."}], "id": "CVE-2016-0823", "lastModified": "2026-05-06T22:30:45.220", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-12T21:59:08.027", "references": [{"source": "security@android.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"source": "security@android.com", "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"}, {"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-03-01.html"}, {"source": "security@android.com", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3"}, {"source": "security@android.com", "url": "http://www.securityfocus.com/bid/84265"}, {"source": "security@android.com", "url": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-03-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/84265"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: Leakage of physical address mappings to non-privileged userspace", "id": "1317576", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317576"}, "csaw": false, "cvss": {"cvss_base_score": "2.1", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "status": "draft"}, "cwe": "CWE-732", "details": ["The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721."], "name": "CVE-2016-0823", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2015-03-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-0823\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-0823\nhttps://googleprojectzero.blogspot.cz/2015/03/exploiting-dram-rowhammer-bug-to-gain.html"], "statement": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5.\nThis has been rated as having Low security impact and is not currently\nplanned to be addressed in future updates of 6, 7, and MRG-2. For additional\ninformation, refer to the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/ .", "threat_severity": "Low"}

{}