Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-1805
HistoryAug 08, 2015 - 10:59 a.m.

CVE-2015-1805

2015-08-0810:59:00
CWE-17
[email protected]
web.nvd.nist.gov
210
cve-2015-1805
linux kernel
pipe.c
denial of service
privilege escalation
nvd

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an “I/O vector array overrun.”

Affected configurations

NVD
Node
googleandroidMatch4.4.3
OR
googleandroidMatch5.0.1
OR
googleandroidMatch5.1
OR
googleandroidMatch5.1.1
OR
googleandroidMatch6.0
Node
linuxlinux_kernelRange3.15.10

References

Related

oraclelinux 9
nessus 52
veracode 6
android 2
redhat 13
openvas 39
threatpost 3
cvelist 2
androidsecurity 3
debiancve 2
f5 3
centos 4
ubuntucve 2
nvd 2
prion 2
ubuntu 8
cve 1
thn 3
debian 7
securityvulns 2
osv 5
amazon 1
suse 10
googleprojectzero 1
ibm 1
lenovo 1
oraclelinux
oraclelinux
kernel security and bug fix update
2015-06-03 00:00:00
kernel security and bug fix update
2015-06-02 00:00:00
Unbreakable Enterprise kernel security update
2016-03-23 00:00:00
nessus
nessus
RHEL 5 : kernel (RHSA-2015:1042)
2015-06-03 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (SOL17458)
2015-10-20 00:00:00
Oracle Linux 5 : ELSA-2015-1042-1: / kernel (ELSA-2015-10421)
2023-09-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:06:06
ASLR Bypass
2019-05-02 05:39:40
Sensitive Information Leakage
2019-05-02 05:39:40
android
android
pipe inatomic
2015-06-06 00:00:00
CVE-2015-1805
2016-04-02 00:00:00
redhat
redhat
(RHSA-2015:1120) Important: kernel security and bug fix update
2015-06-16 00:00:00
(RHSA-2015:1042) Important: kernel security and bug fix update
2015-06-02 00:00:00
(RHSA-2015:1211) Important: kernel security and bug fix update
2015-07-07 00:00:00
openvas
openvas
CentOS Update for kernel CESA-2015:1042 centos5
2015-06-09 00:00:00
Oracle: Security Advisory (ELSA-2015-1042-1)
2015-10-06 00:00:00
RedHat Update for kernel RHSA-2015:1042-01
2015-06-09 00:00:00
threatpost
threatpost
Android Rooting Application Emergency Patch
2016-03-23 07:00:46
April 2016 Google Android Nexus Security Bulletin
2016-04-04 14:00:22
Google Detects and Boots Tizi Spyware Off Google Play
2017-11-28 12:40:09
cvelist
cvelist
CVE-2015-1805
2015-08-08 10:00:00
CVE-2016-0774
2016-04-27 17:00:00
androidsecurity
androidsecurity
Android Security Advisory — 2016-03-18
2016-03-18 00:00:00
Nexus Security Bulletin—April 2016
2016-04-04 00:00:00
Android Security Bulletin—May 2016
2016-05-02 00:00:00
debiancve
debiancve
CVE-2015-1805
2015-08-08 10:59:00
CVE-2016-0774
2016-04-27 17:59:06
f5
f5
K17458 : Linux kernel vulnerability CVE-2015-1805
2015-10-19 00:00:00
SOL17458 - Linux kernel vulnerability CVE-2015-1805
2015-10-19 00:00:00
K08440897 : Linux kernel vulnerability CVE-2016-0774
2016-07-13 00:00:00
centos
centos
kernel security update
2015-06-03 01:55:17
kernel, perf, python security update
2016-03-23 13:20:33
kernel, perf, python security update
2015-06-10 09:06:44
ubuntucve
ubuntucve
CVE-2015-1805
2015-06-03 00:00:00
CVE-2016-0774
2016-04-27 00:00:00
nvd
nvd
CVE-2015-1805
2015-08-08 10:59:00
CVE-2016-0774
2016-04-27 17:59:06
prion
prion
Design/Logic Flaw
2015-08-08 10:59:00
Design/Logic Flaw
2016-04-27 17:59:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2015-07-23 00:00:00
Linux kernel (OMAP4) vulnerabilities
2015-07-23 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2015-07-23 00:00:00
cve
cve
CVE-2016-0774
2016-04-27 17:59:06
thn
thn
First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges
2017-09-26 02:52:00
This New Android Malware Can Gain Root Access to Your Smartphones
2021-10-29 13:48:00
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
2017-11-27 22:29:00
debian
debian
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DSA 3290-1] linux security update
2015-06-18 06:58:51
[SECURITY] [DLA 439-1] linux-2.6 security update
2016-02-29 18:43:11
securityvulns
securityvulns
[SECURITY] [DSA 3290-1] linux security update
2015-06-21 00:00:00
Linux kernel security vulnerabilities
2015-06-21 00:00:00
osv
osv
linux - security update
2015-06-18 00:00:00
linux-2.6 - security update
2016-02-29 00:00:00
linux-2.6 - security update
2015-06-17 00:00:00
amazon
amazon
Medium: kernel
2015-07-22 10:00:00
suse
suse
Live patch for the Linux Kernel (important)
2015-09-04 12:15:30
Live patch for the Linux Kernel (important)
2015-09-04 12:16:25
Live patch for the Linux Kernel (important)
2015-09-04 12:09:23
googleprojectzero
googleprojectzero
In-the-Wild Series: Android Exploits
2021-01-12 00:00:00
ibm
ibm
Security Bulletin: PowerKVM is affected by Linux Kernel vulnerabilities (multiple CVEs)
2018-06-18 01:28:49
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for CVE-2015-1805
oraclelinux9nessus52veracode6android2redhat13openvas39threatpost3cvelist2androidsecurity3debiancve2f53centos4ubuntucve2nvd2prion2ubuntu8cve1thn3debian7securityvulns2osv5amazon1suse10googleprojectzero1ibm1lenovo1