Lucene search

K
cve[email protected]CVE-2015-8785
HistoryFeb 08, 2016 - 3:59 a.m.

CVE-2015-8785

2016-02-0803:59:07
CWE-835
web.nvd.nist.gov
105
linux
kernel
denial of service
vulnerability
cve-2015-8785

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.4%

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

Affected configurations

NVD
Node
linuxlinux_kernelRange<4.4
OR
linuxlinux_kernelMatch4.4rc1
OR
linuxlinux_kernelMatch4.4rc2
OR
linuxlinux_kernelMatch4.4rc3
OR
linuxlinux_kernelMatch4.4rc4
Node
suselinux_enterprise_real_time_extensionMatch12sp1
VendorProductVersionCPE
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc4::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc3::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc2::
linuxlinux_kernel4.4cpe:/o:linux:linux_kernel:4.4:rc1::

References

CVSS2

4.9

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS3

6.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

5.9

Confidence

High

EPSS

0.001

Percentile

50.4%