2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
9.3%
USN-2751-1 Linux Kernel (Vivid HWE) Vulnerability
Medium to Low
Canonical Ubuntu
Several security issues were fixed in the kernel.
Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697)
Marc-AndrΓ© Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). (CVE-2015-6252)
_Severity is medium unless otherwise noted.
_
Users of affected versions should apply the following mitigation:
Benjamin Randazzo and Marc-AndrΓ© Lureau