Lucene search

K
cveMitreCVE-2015-2041
HistoryApr 21, 2015 - 10:59 a.m.

CVE-2015-2041

2015-04-2110:59:01
CWE-17
mitre
web.nvd.nist.gov
92
cve-2015-2041
linux kernel
sysctl
information security
vulnerability

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0

Percentile

10.1%

net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry.

Affected configurations

Nvd
Node
susesuse_linux_enterprise_serverMatch10sp4
Node
linuxlinux_kernelRange≤3.18.7
Node
debiandebian_linux
VendorProductVersionCPE
susesuse_linux_enterprise_server10cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp4:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
debiandebian_linux*cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0

Percentile

10.1%