The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an “I/O vector array overrun.” (CVE-2015-1805)

Impact

A local unprivileged user may use this flaw to crash the system, or potentially escalate their privileges on the system.

CPENameOperatorVersion
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.6.0
big-ip afmeq12.0.0
big-ip analyticseq11.0.0

Name	Operator	Version
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.6.0
big-ip afm	eq	12.0.0
big-ip analytics	eq	11.0.0

Rows per page:

1-10 of 2041

openvas 31

nessus 52

threatpost 3

redhat 13

oraclelinux 9

ubuntucve 2

centos 4

androidsecurity 3

debiancve 2

android 2

veracode 6

f5 2

prion 2

cve 2

ubuntu 8

thn 3

securityvulns 2

osv 5

debian 7

suse 10

amazon 1

googleprojectzero 1

ibm 1

lenovo 1

openvas

CentOS Update for kernel CESA-2015:1042 centos5

2015-06-09 00:00:00

RedHat Update for kernel RHSA-2015:1042-01

2015-06-09 00:00:00

Oracle Linux Local Check: ELSA-2015-1042-1

2015-10-06 00:00:00

nessus

Oracle Linux 5 : ELSA-2015-1042-1: / kernel (ELSA-2015-10421)

2023-09-07 00:00:00

F5 Networks BIG-IP : Linux kernel vulnerability (SOL17458)

2015-10-20 00:00:00

RHEL 5 : kernel (RHSA-2015:1120)

2015-06-17 00:00:00

threatpost

Android Rooting Application Emergency Patch

2016-03-23 07:00:46

April 2016 Google Android Nexus Security Bulletin

2016-04-04 14:00:22

Google Detects and Boots Tizi Spyware Off Google Play

2017-11-28 12:40:09

redhat

(RHSA-2015:1042) Important: kernel security and bug fix update

2015-06-02 00:00:00

(RHSA-2015:1211) Important: kernel security and bug fix update

2015-07-07 00:00:00

(RHSA-2015:1120) Important: kernel security and bug fix update

2015-06-16 00:00:00

oraclelinux

kernel security and bug fix update

2015-06-02 00:00:00

kernel security and bug fix update

2015-06-03 00:00:00

Unbreakable Enterprise kernel security update

2016-03-23 00:00:00

ubuntucve

CVE-2015-1805

2015-06-03 00:00:00

CVE-2016-0774

2016-04-27 00:00:00

centos

kernel security update

2015-06-03 01:55:17

kernel, perf, python security update

2016-03-23 13:20:33

kernel, perf, python security update

2015-06-10 09:06:44

androidsecurity

Android Security Advisory&hairsp;—&hairsp;2016-03-18

2016-03-18 00:00:00

Nexus Security Bulletin—April 2016

2016-04-04 00:00:00

Android Security Bulletin—May 2016

2016-05-02 00:00:00

debiancve

CVE-2015-1805

2015-08-08 10:59:00

CVE-2016-0774

2016-04-27 17:59:00

android

pipe inatomic

2015-06-06 00:00:00

CVE-2015-1805

2016-04-02 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:06:06

Memory Corruption

2019-05-02 05:39:39

Sensitive Information Leakage

2019-05-02 05:39:40

SOL17458 - Linux kernel vulnerability CVE-2015-1805

2015-10-19 00:00:00

K08440897 : Linux kernel vulnerability CVE-2016-0774

2016-07-13 00:00:00

prion

Design/Logic Flaw

2015-08-08 10:59:00

Design/Logic Flaw

2016-04-27 17:59:00

cve

CVE-2015-1805

2015-08-08 10:59:00

CVE-2016-0774

2016-04-27 17:59:00

ubuntu

Linux kernel (OMAP4) vulnerabilities

2015-07-23 00:00:00

Linux kernel vulnerabilities

2015-07-23 00:00:00

Linux kernel vulnerabilities

2015-07-23 00:00:00

thn

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

2017-09-26 02:52:00

This New Android Malware Can Gain Root Access to Your Smartphones

2021-10-29 13:48:00

Google Detects Android Spyware That Spies On WhatsApp, Skype Calls

2017-11-27 22:29:00

securityvulns

[SECURITY] [DSA 3290-1] linux security update

2015-06-21 00:00:00

Linux kernel security vulnerabilities

2015-06-21 00:00:00

osv

linux - security update

2015-06-18 00:00:00

linux-2.6 - security update

2016-02-29 00:00:00

linux-2.6 - security update

2015-06-17 00:00:00

debian

[SECURITY] [DSA 3290-1] linux security update

2015-06-18 06:58:51

[SECURITY] [DSA 3290-1] linux security update

2015-06-18 06:58:51

[SECURITY] [DLA 439-1] linux-2.6 security update

2016-02-29 18:43:11

suse

Live patch for the Linux Kernel (important)

2015-09-04 12:15:30

Live patch for the Linux Kernel (important)

2015-09-04 12:16:25

Live patch for the Linux Kernel (important)

2015-09-04 12:09:23

amazon

Medium: kernel

2015-07-22 10:00:00

googleprojectzero

In-the-Wild Series: Android Exploits

2021-01-12 00:00:00

ibm

Security Bulletin: PowerKVM is affected by Linux Kernel vulnerabilities (multiple CVEs)

2018-06-18 01:28:49

lenovo

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

2020-04-13 19:22:04

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.8 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

8.1%

JSON

Related for F5:K17458