[email protected]CVE-2015-0274

HistoryMar 16, 2015 - 10:59 a.m.

CVE-2015-0274

2015-03-1610:59:00

CWE-19

[email protected]

web.nvd.nist.gov

xfs

linux kernel

cve-2015-0274

denial of service

privilege escalation

5.4 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remote attribute replacement, which allows local users to cause a denial of service (transaction overrun and data corruption) or possibly gain privileges by leveraging XFS filesystem access.

CPENameOperatorVersion
linux:linux_kernellinux linux kernellt3.15

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	lt	3.15

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59

rhn.redhat.com/errata/RHSA-2015-0290.html

rhn.redhat.com/errata/RHSA-2015-0694.html

www.securitytracker.com/id/1031853

www.ubuntu.com/usn/USN-2543-1

www.ubuntu.com/usn/USN-2544-1

bugzilla.redhat.com/show_bug.cgi?id=1195248

github.com/torvalds/linux/commit/8275cdd0e7ac550dcce2b3ef6d2fb3b808c1ae59

5.4 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-0274

debiancve1 openvas7 cvelist1 amazon1 ubuntucve1 nessus10 prion1 redhat2 veracode3 f52 ubuntu2 ibm1 centos1 oraclelinux1