CVE-2015-0573

drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call.

Weakness

The product dereferences a pointer that it expects to be valid but is NULL.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	3.0 (including)	3.19.8 (including)
Linux-flo	Ubuntu	trusty	*
Linux-flo	Ubuntu	vivid/stable-phone-overlay	*
Linux-flo	Ubuntu	xenial	*
Linux-flo	Ubuntu	yakkety	*
Linux-goldfish	Ubuntu	trusty	*
Linux-goldfish	Ubuntu	xenial	*
Linux-goldfish	Ubuntu	yakkety	*
Linux-goldfish	Ubuntu	zesty	*
Linux-grouper	Ubuntu	trusty	*
Linux-linaro-omap	Ubuntu	precise	*
Linux-linaro-shared	Ubuntu	precise	*
Linux-linaro-vexpress	Ubuntu	precise	*
Linux-lts-quantal	Ubuntu	precise	*
Linux-lts-quantal	Ubuntu	precise/esm	*
Linux-lts-raring	Ubuntu	precise	*
Linux-lts-raring	Ubuntu	precise/esm	*
Linux-lts-saucy	Ubuntu	precise	*
Linux-lts-saucy	Ubuntu	precise/esm	*
Linux-maguro	Ubuntu	trusty	*
Linux-mako	Ubuntu	trusty	*
Linux-mako	Ubuntu	vivid/stable-phone-overlay	*
Linux-mako	Ubuntu	xenial	*
Linux-mako	Ubuntu	yakkety	*
Linux-manta	Ubuntu	trusty	*
Linux-qcm-msm	Ubuntu	precise	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-0573
CWE	https://cwe.mitre.org/data/definitions/476.html

NULL Pointer Dereference

Weakness

Affected Software

Potential Mitigations

References