CVE-2015-6640

HIGH

Android < 5.1.1 LMY49F and 6.0 < 2016-01-01 - Privilege Escalation or Denial of Service via VMA List Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-6640. PoCs published by betalphafai.

AI-analyzed exploit summary This repository contains a functional proof-of-concept exploit for CVE-2015-6640, a Linux kernel vulnerability related to the PR_SET_VMA prctl operation. The exploit demonstrates the vulnerability by manipulating memory mappings and verifying the behavior via /proc/self/maps.

Description

The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123.

Exploits (1)

nomisec WORKING POC 11 stars

by betalphafai · poc

https://github.com/betalphafai/CVE-2015-6640

View Code ZIP pw:eip

This repository contains a functional proof-of-concept exploit for CVE-2015-6640, a Linux kernel vulnerability related to the PR_SET_VMA prctl operation. The exploit demonstrates the vulnerability by manipulating memory mappings and verifying the behavior via /proc/self/maps.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Linux kernel (versions affected by CVE-2015-6640)

No auth needed

Prerequisites: Access to a vulnerable Linux kernel · Ability to execute code on the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1034592

Vendor Advisory x_refsource_confirm

http://source.android.com/security/bulletin/2016-01-01.html

Patch x_refsource_confirm

https://android.googlesource.com/kernel%2Fcommon/+/69bfe2d957d903521d32324190c2754cb073be15

Scores

CVSS v3 7.8

EPSS 0.0073

EPSS Percentile 49.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (4)

google/android 4.4.4

google/android 5.0

google/android 5.1.1

google/android 6.0

Published Jan 06, 2016

Tracked Since Feb 18, 2026