VDB

CVE-2016-9120

CVE-2016-9120 PUBLISHED

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

EPSS 0.11% · 28.8th percentile

Risk Scores

EPSS Score
0.11%
28.8th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSlinux-azure4.15.0-1008.8, 4.15.0-1012.12, 4.15.0-1013.13
Ubuntu:22.04:LTSlinux-intel-iot-realtime5.15.0-1073.75, 0
Ubuntu:22.04:LTSlinux-riscv5.13.0-1010.11+22.04.1, 5.15.0-1017.19, 5.15.0-1026.30
Ubuntu:24.04:LTSlinux-raspi-realtime6.8.0-2019.20, 0
Ubuntu:20.04:LTSlinux-raspi20, 5.3.0-1007.8, 5.3.0-1014.16
Ubuntu:20.04:LTSlinux-gke5.4.0-1097.104, 5.4.0-1096.103, 5.4.0-1095.102
Ubuntu:18.04:LTSlinux-hwe*, 4.18.0-13.14~18.04.1, 4.18.0-14.15~18.04.1
Ubuntu:22.04:LTSlinux-realtime0, 5.15.0-1032.35
Ubuntu:20.04:LTSlinux-riscv5.4.0-31.35, 5.4.0-40.45, 5.4.0-37.42
Ubuntu:18.04:LTSlinux-gcp4.15.0-1036.38, 4.15.0-1034.36, 4.15.0-1033.35
Ubuntu:20.04:LTSlinux-azure-fde0, 5.4.0-1063.66+cvm2.2, 5.4.0-1063.66+cvm3.2

Exploit Intelligence

…and 314 more exploits

Timeline

  • Dec 8, 2016 CVE Published
  • Jan 16, 2018 PoC Published
  • May 28, 2021 PoC Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 17, 2022 CVE Updated
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Jul 29, 2022 PoC Published
  • Sep 3, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›