[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-1805Date: (C)2015-08-10   (M)2024-03-21


The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an "I/O vector array overrun."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1032454
BID-74951
DSA-3290
RHSA-2015:1042
RHSA-2015:1081
RHSA-2015:1082
RHSA-2015:1120
RHSA-2015:1137
RHSA-2015:1138
RHSA-2015:1190
RHSA-2015:1199
RHSA-2015:1211
SUSE-SU-2015:1224
SUSE-SU-2015:1324
SUSE-SU-2015:1478
SUSE-SU-2015:1487
SUSE-SU-2015:1488
SUSE-SU-2015:1489
SUSE-SU-2015:1490
SUSE-SU-2015:1491
SUSE-SU-2015:1592
SUSE-SU-2015:1611
USN-2679-1
USN-2680-1
USN-2681-1
USN-2967-1
USN-2967-2
http://www.openwall.com/lists/oss-security/2015/06/06/2
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=637b58c2887e5e57850865839cc75f59184b23d1
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f0d1bec9d58d4c038d0ac958c9af82be6eb18045
http://source.android.com/security/bulletin/2016-04-02.html
http://source.android.com/security/bulletin/2016-05-01.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
https://bugzilla.redhat.com/show_bug.cgi?id=1202855
https://github.com/torvalds/linux/commit/637b58c2887e5e57850865839cc75f59184b23d1
https://github.com/torvalds/linux/commit/f0d1bec9d58d4c038d0ac958c9af82be6eb18045

CPE    6
cpe:/o:google:android:4.4.3
cpe:/o:google:android:5.1.1
cpe:/o:google:android:5.0.1
cpe:/o:google:android:5.1
...
CWE    1
CWE-17
OVAL    26
oval:org.secpod.oval:def:702692
oval:org.secpod.oval:def:702695
oval:org.secpod.oval:def:501572
oval:org.secpod.oval:def:203637
...

© SecPod Technologies