Lucene search

[email protected]CVE-2015-7613

HistoryOct 19, 2015 - 10:59 a.m.

CVE-2015-7613

2015-10-1910:59:00

CWE-362

[email protected]

web.nvd.nist.gov

linux kernel

ipc object

cve-2015-7613

privilege escalation

race condition

nvd

5.9 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.3%

JSON

Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c.

CPENameOperatorVersion
linux:linux_kernellinux linux kernelle4.2.3

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	le	4.2.3

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf

lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html

rhn.redhat.com/errata/RHSA-2015-2636.html

www.debian.org/security/2015/dsa-3372

www.openwall.com/lists/oss-security/2015/10/01/8

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/76977

www.securitytracker.com/id/1034094

www.securitytracker.com/id/1034592

www.ubuntu.com/usn/USN-2761-1

www.ubuntu.com/usn/USN-2762-1

www.ubuntu.com/usn/USN-2763-1

www.ubuntu.com/usn/USN-2764-1

www.ubuntu.com/usn/USN-2765-1

www.ubuntu.com/usn/USN-2792-1

bugzilla.redhat.com/show_bug.cgi?id=1268270

github.com/torvalds/linux/commit/b9a532277938798b53178d5a66af6e2915cb27cf

kc.mcafee.com/corporate/index?page=content&id=SB10146

5.9 Medium

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.3%

JSON

Related for CVE-2015-7613

nessus33 f52 ubuntucve2 ubuntu7 openvas25 prion2 debiancve1 suse8 oraclelinux5 cve1 fedora3 osv2 redhat4 debian3 amazon1 centos2 androidsecurity1 ibm1 securityvulns1 lenovo1