Lucene search

K
cve[email protected]CVE-2015-5707
HistoryOct 19, 2015 - 10:59 a.m.

CVE-2015-5707

2015-10-1910:59:05
CWE-190
web.nvd.nist.gov
84
cve-2015-5707
integer overflow
sg_start_req
linux kernel
denial of service
nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

High

EPSS

0

Percentile

10.1%

Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request.

Affected configurations

NVD
Node
linuxlinux_kernelRange2.6.0โ€“4.1.0
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch15.04
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
Node
susesuse_linux_enterprise_desktopMatch11sp3
OR
susesuse_linux_enterprise_serverMatch11sp2ltss
OR
susesuse_linux_enterprise_serverMatch11sp3
OR
susesuse_linux_enterprise_serverMatch11sp3vmware

References

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

High

EPSS

0

Percentile

10.1%